LDAP Security Realm-->Users

LDAP Security Realm-->Users

Tasks Related Topics Attributes

Overview

Use this page to define how users are stored in the LDAP server. To use the LDAP security realm, you need to use Compatibility security. The use of the LDAP security realm is deprecated in this release of WebLogic Server.

Tasks

Configuring an LDAP V1 Security Realm
Enabled Communucation between the LDAP Server and WebLogic Server
Specifying How Users Are Located in the LDAP V1 Security Realm
Specifying How Groups Are Located in the LDAP V1 Security Realm
Adding a Note to the LDAP V1 Security Realm
Configuring the Caching Realm

Related Topics

Introduction to WebLogic Security
Managing WebLogic Security
Securing WebLogic Resources
Programmimg WebLogic Security
Developing Security Providers for WebLogic Server
Securing a Production Environment
The Security topics in the WebLogic Server 8.1 Upgrade Guide
Security FAQ
The Security page in the WebLogic Server documentation

Attributes

Attribute Label

Description

Value Constraints
User Authentication Determines the method for allowing or denying a user the right to communicate with WebLogic Server. Set this attribute to one of the following values:
Bind--The LDAP security realm retrieves user data, including the password for the LDAP server, and checks the password in WebLogic Server.

External--The LDAP security realm authenticates a user by attempting to bind to the LDAP server with the username and password supplied by the WebLogic client.

Local--The LDAP security realm authenticates a user by looking up the UserPassword attribute in the LDAP directory and checking its value against a set of passwords in WebLogic Server.
Default: "bind"Valid values:
bind"

external"

local"

User Password Attribute If the userAuthentication attribute is set to local, this attribute finds the attribute in the LDAP user objects that contains the passwords of the LDAP users. Default: "userpassword"
User DN A list of attributes that, when combined with the attribute named in the userNameAttribute attribute, uniquely identifies a user in the LDAP directory. When specifying this attribute, use the following format: ou=Barb.Klock, u=acme.com Default:
User Name Attribute The login name of a user for the LDAP directory. The value of this attribute can be the common name of a user in the LDAP directory. However, it is generally an abbreviated string, such as a User ID.

Attribute Label	Description	Value Constraints
User Authentication	Determines the method for allowing or denying a user the right to communicate with WebLogic Server. Set this attribute to one of the following values: Bind--The LDAP security realm retrieves user data, including the password for the LDAP server, and checks the password in WebLogic Server. External--The LDAP security realm authenticates a user by attempting to bind to the LDAP server with the username and password supplied by the WebLogic client. Local--The LDAP security realm authenticates a user by looking up the UserPassword attribute in the LDAP directory and checking its value against a set of passwords in WebLogic Server.	Default: "bind"Valid values: bind" external" local"
User Password Attribute	If the userAuthentication attribute is set to local, this attribute finds the attribute in the LDAP user objects that contains the passwords of the LDAP users.	Default: "userpassword"
User DN	A list of attributes that, when combined with the attribute named in the userNameAttribute attribute, uniquely identifies a user in the LDAP directory. When specifying this attribute, use the following format: ou=Barb.Klock, u=acme.com	Default:
User Name Attribute	The login name of a user for the LDAP directory. The value of this attribute can be the common name of a user in the LDAP directory. However, it is generally an abbreviated string, such as a User ID.