Creating a Custom Authentication Provider
Developing your own security providers is a relatively specialized task — it is necessary only if WebLogic’s default providers are insufficient. The majority of custom providers tend to change the default authentication or identity assertion mechanisms. The following sections provide an example of each of these. We recommend that you read WebLogic’s well-documented security provider API to understand the life cycle of each provider if you intend to create your own. This information is supplied on the official web site, http://edocs.bea.com/wls/docs81/dvspisec/index.html. BEA’s dev2dev web site (http://www.dev2dev.bea.com) also contains a number of example providers.
WebLogic’s provider architecture is MBean-based (see Chapter 20) — if you are going to write a new provider, it has to have a corresponding MBean implementation. WebLogic provides tools for creating the necessary MBean deployment files and implementations. At runtime, the MBean representing your provider will be used to create an instance of your provider implementation — the MBean is, in a sense, a factory for the provider implementation that you will have to supply. This, in turn, will use the MBean to read its configuration information. Any provider MBean must extend the appropriate base MBean type, supplied with WebLogic. To facilitate in the creation of these peripheral classes, WebLogic provides a few utilities. They are based around an MBean Definition File (MDF), ...