Bypass default Authentication and Authorization handlers for Weblogic

This has come up a few times now – it seems like every time we set up a new server. Starting in Weblogic 9.0, if the headers were there, Weblogic tried to authenticate using its own authentication handler, which of course, knows nothing about our users (in our application, anyway). This issue was logged in our JIRA and whenever I need the info, I look it up there, but since it comes up often, this might be a better place for it.

The gist of it is, edit the config.xml file located in WEBLOGIC_HOME\user_projects\domains\dbo2domain\config. Look for the following lines in the security-configuration node:

<node-manager-username>weblogic</node-manager-username>
<node-manager-password-encrypted>xxxxxxxxxxxxxxxxxxxx</node-manager-password-encrypted>

You just need to add the following line directly after them:

<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>

Then restart the server and you should be all set.

Advertisements
Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: