Skip to Content
WebLogic: The Definitive Guide
book

WebLogic: The Definitive Guide

by Jon Mountjoy, Avinash Chugh
February 2004
Intermediate to advanced
848 pages
27h 25m
English
O'Reilly Media, Inc.
Content preview from WebLogic: The Definitive Guide

Mapping Certificates to WebLogic Users

As we saw earlier in Example 16-1, when a Java client creates a JNDI context bound to a server configured for two-way SSL, the server authenticates the client on two levels:

  • At the socket level, where the client’s certificate is validated at the server’s end. A server configured for two-way SSL needs to trust the client’s certificate before it can successfully negotiate the SSL connection. A similar situation arises when you use a browser to access a web application that enforces authentication using client certificates.

  • At the application-level, where WebLogic takes the user’s credentials to populate the client’s subject with valid WebLogic principals. WebLogic subsequently uses this subject to perform authorization checks on protected server-side resources.

If the client needs to interact with an SSL server configured for two-way SSL, the client will be requested to present its digital certificate to prove its identity. The client’s certificate can perform the dual role of identifying the WebLogic principals that map to the client. After all, a client’s certificate does affirm its identity. WebLogic lets you configure the server so that it can map the client’s certificate to the username of a valid WebLogic user. In this way, a Java client can securely establish a JNDI context that is bound to an SSL server by supplying only its private key and digital certificate, and WebLogic will map the client’s certificate to a username.

Typically, a ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Oracle WebLogic 12c for Administrators

Oracle WebLogic 12c for Administrators

Chris Parent
Deploying to OpenShift

Deploying to OpenShift

Graham Dumpleton

Publisher Resources

ISBN: 059600432XErrata Page