在 Weblogic 10.3 中使用 Active Directory 限制 URL - 从哪里开始?
我们希望使用 Active Directory 服务器来限制对 Weblogic 服务器上 Spring 应用程序中某些 URL 的访问,但我不知道从哪里开始。据我了解,问题应该很简单,我们有一个简单的应用程序,它有许多 URL:
<root>/page1.do
<root>/page2.do
<root>/page3.do
etc.
和一个 Active Directory 服务器,它列出了两个组中的用户,例如“管理员”和“用户”。我们希望根据提供的登录信息(不需要 SSO),“管理员”中的任何人都可以访问所有页面,“用户”中的任何人只能访问 page2.do 和 page3.do。
我完全不知道从哪里开始,而且谷歌也不太愿意。我希望这是一个简单的任务(将 AD 服务器添加到 weblogic,设置一个配置文件)。任何人都有这方面的经验并链接到好的开始位置或总结我们需要做什么才能让它以这种方式工作?
干杯
We are looking to use an Active Directory server to restrict access to certain URLs in our Spring application on a Weblogic server and I have no idea where to start. The problem should be quite simple as I understand it, we have a simple app which has a number of URLs:
<root>/page1.do
<root>/page2.do
<root>/page3.do
etc.
And an Active Directory servers which lists the users in two groups, such as "Admin" and "User". We would like it so that based on the login information provided (no SSO required), anyone in "Admin" can access all pages, anyone in "User" can only access page2.do and page3.do.
I have absolutely no idea where to start and Google isn't being very forthcoming. I would have hoped that this is an easy task (add AD server to weblogic, set up a config file). Anyone have any experience with this and links to good places to get started or a summary of what we will need to do to get it working in this fashion?
Cheers
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您应该能够轻松地将 AD 用作 Weblogic 服务器中的身份验证提供程序。以下是一些有关如何进行配置的文档:
http://download.oracle.com/docs /cd/E12840_01/wls/docs103/secmanage/atn.html#wp1198953
之后,您可以配置安全角色和安全策略,以控制对服务器资源的访问。再次,一些入门文档: http:// /download.oracle.com/docs/cd/E13222_01/wls/docs81/secintro/concepts.html#1083616
如果您喜欢从一本好书开始,我的建议是:http://onjava.com/pub/a/onjava/excerpt/weblogic_chap17/index.html。尽管有些老旧,本章几乎涵盖了您需要了解的所有内容。
You should be able to easily use your AD as an Authentication Provider in your Weblogic server(s). Here is some documentation to get started on how to do the configuration:
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/secmanage/atn.html#wp1198953
After that, you can configure security roles and security policies in order to control access to your server's resources. Again, some docs to get started: http://download.oracle.com/docs/cd/E13222_01/wls/docs81/secintro/concepts.html#1083616
If you prefer a good book to start with, here goes my suggestion: http://onjava.com/pub/a/onjava/excerpt/weblogic_chap17/index.html. Although somewhat old, this chapter covers pretty much everything you need to know.