Using an external LDAP server
In our use case, we are going to set up an authentication provider to integrate with an external OpenLDAP server. This will provide the key functionalities we need to secure our web application and illustrate with an example a common requirement of most enterprise applications.
Note
The setup of the OpenLDAP server and the initial load of users were performed in Chapter 2, Setting Up the Environment. You can check using some of the command-line utilities provided by OpenLDAP. For example, ldapsearch -H ldap://localhost:389 -D "cn=Manager,dc=example,dc=com" -W.
As the preceding diagram shows, our web application client will send username and password information, which will be processed by the WebLogic server against the active security realm; named myrealm by default. As we are using a standard Java EE web application, the web.xml deployment descriptor will be used to specify a few things:
Security constraint: What should be protected and by which role
Login configuration...
