vrijdag 20 januari 2012

Setting up and testing the SQL Authenticator

Please download sql_authenticator.zip for the source files.

To configure the SQL Authenticator, please follow these steps:

(1)
In the database, create a user that holds the security data (sqlauth_ddl1.sql).

(2)
Create some tables in your security schema (sqlauth_ddl2.sql).
P.S.: in this script the default structure is defined.  If you want to use another table structure, you'll have to change the SQL statements in your provider (see further).

(3)
Insert data in the tables (sqlauth_dml.sql).

(4)
Connect to the WLS Administration Console.

(5)
Create a data source that points to the schema you created.

(6)
In the WLS Administration Console, go to Security Realms.
Select myrealm - Providers and click on the New button.


Choose a name and select SQLAuthenticator in the Type poplist.
Click OK.




In the overview of the providers, your new provider is available.
Select your provider.
In the next screen go to the Configuration - Provider Specific tab.

In this screen you'll have to check the Plaintext Password Enabled checkbox, define your Data Source Name and select PLAINTEXT for Password Style.
Keep the defaults for the other fields.



P.S.: if you defined another table structure defined in the second step, you'll have to modify the SQL statements here.

(7)
For the DefaultAuthenticator, the Control Flag must be set on OPTIONAL (default value = REQUIRED).  If you don't do this, the users defined in your SQL Authenticator will not be able to log in.




(8)
Restart your domain.

(9)
If you go to the Users and Groups section of myrealm, you should see your users and groups defined in your database schema.  Here you can reorganise your users and groups.  All the provider-specific changes are written to the database.

(10)
Deploy sql_scrty.war to test your new security provider.
Please note that only access for the users who belong to the group SQL_Administrators is granted in the deployment descriptors of the application.

Geen opmerkingen:

Een reactie posten