Skip to main content

Enabling Remote User in Weblogic

Most of the Application use “OAM_REMOTE_USER” or “Proxy-remote-user” for the SSO setup which is sent by OAM in the Header. But some applications (like some Apex apoplications) still use “REMOTE_USER” for SSO with OAM. This Remote_user is generated by Weblogic itself based on the user authenticated and retrieved by method “request.getRemoteUser()”. With version 10.3.x this method was deprecated and not enabled automatically with start of weblogic as it opens a security vulnerability. However this Remote user can be enabled explicitly when weblogic is started with the Run time argument “-Dweblogic.http.enableRemoteUserHeader=true”. Add this value in JAVA Properties of setDomainenv.sh and Remote user will be enabled. Please note that this is not preferred way to do that as the logged in user can be retrieved with “proxy-remote-user” header but can be solution in the case many applications are using “request.getRemoteUser()” method for SSO setup.

Comments

  1. Unknown26 November 2016 at 22:13

    Hello Shikhar, Can you please help me out in Enabling Remote User in Integrated Weblogic server 11g environment. I've tried to make these settings in both the setDomainenv.sh and also the startWebLogic.cmd files, but the value is coming as "Null", any leads would be great. Thanks in advance.

    ReplyDelete
    Replies
    1. Shikhar Mishra28 November 2016 at 05:57

      Which Weblogic version are you using ? I have checked this with 10.3.6 version and it works. I searched on Oracle support site and found this note: Session Data Randomly Lost in WSRP Portlet Due to HttpServletRequest.getRemoteUser() Returning Null (Doc ID 964822.1). If you have access of support site look at this note.

      Delete

Post a Comment

Popular posts from this blog

Oracle Traffic Director (OTD) configuration

Download the OTD software and install it on a server by running runInstaller command from <Binaries>/Disk1. Preferred is to configure the OTD as root user because when the administration server is configured as root, then Oracle Traffic Director starts the keepalived daemon automatically when you start instances that are part of a failover group, and stops the daemon when you stop the instances. Set Oracle_Home as the new Installed OTD Home. Run below command to configure the Admin server: <OTD_HOME>/otd/bin/tadm configure-server --port=8989 --user=admin --server-user=root --instance- home= <OTD_HOME> /otd/instance_name/otd_instance1 This command will ask for admin password and will create the admin server. Run Below command to start the admin server: <OTD_HOME> /otd/instance_name/otd_instance1/admin-server/bin/startserv Login to the OTD console on http://<host>:8989 as admin user.  Click New configuration: Click Next and create ne...
Post a Comment
Read more

Developing Prepopulate Adapter with OIM 11g R2

1.      Prepopulate Adapter in OIM uses the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. 2.      Write the Java code which returns the value which has to be populated on the form. 3.      This code will implement the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. Code Snippet: - package com.oracle.oim.utility.eventhandler; import java.io.Serializable; import java.util.Iterator; import java.util.List; import java.util.logging.Logger; import oracle.iam.identity.exception.NoSuchUserException; import oracle.iam.identity.exception.UserLookupException; import oracle.iam.identity.usermgmt.api.UserManager; import oracle.iam.identity.usermgmt.vo.User; import oracle.iam.platform.Platform; import oracle.iam.platform.authz.exception.AccessDeniedException; import oracle.iam.request.exception.RequestServiceException; import oracle.iam.request.vo.Beneficiary; ...
5 comments
Read more

Custom Login Page Protection- OAM 11g R2

Create a login page with fields having username,password and requestid. Below is the sample login page : <%@page language="java" session="true" contentType="text/html;charset=ISO-8859-1"  %> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request. getServerPort()+path+"/"; String requestID = request.getParameter("request_id"); %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <font color="blue">Login Page </font><br><br> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Implementing css and javascript</title> <meta http-equi...
3 comments
Read more