Writing a Custom Security Realm in Weblogic

[Shawn McKinney <shawn.mckinney@jts.us>]

It has been brought to my attention recently that a Fortress custom realm for Weblogic server is needed.  Custom realms all follow a similar pattern so this should be easy to do following the instructions for Weblogic. 

Is there interest to pursue this?  Let us know.

The following info was captured from:

http://docs.oracle.com/cd/E13222_01/wls/docs61/security/prog.html

jump to section:

Writing a Custom Security Realm

You may need to create your own security realm to draw from an existing security store in your environment such as a directory server on the network. To write a custom security realm that supports authentication you need to write code that:

1. Defines a User class for the custom security realm.
2. Defines a Group class for the custom security realm.
3. Defines an enumeration class that return all Users and Groups in a security store and releases the resources of the security store when finished.
4. Defines a class for the custom security realm.
5. Obtains configuration data about the security store.
6. Authenticates a User.
7. Returns the members of a Group and creates a hash table that contains the members of a Group.
8. Returns a User object given a User name.
9. Returns a Group object given a Group name.
10. Uses an enumeration for Users to return User objects for all the Users in the security store.
11. Uses an enumeration for Groups to return Group objects for all the Groups in the security store.

You can also write a custom security realm that supports authorization. For more information, see Using Authorization in a Custom Security Realm.

Note: WebLogic Server also provides the capability to create a custom security realm that can be managed through the WebLogic Server Administration Console. For more information, see the Javadoc for the weblogic.security.acl package or contact BEA Professional Services.

-- 
Shawn McKinney
shawn.mckinney@jts.us