Search This Blog
Showing posts with label Partion Domain with WLST. Show all posts
Showing posts with label Partion Domain with WLST. Show all posts

Tuesday, January 12, 2016

Multitenancy in WebLogic 12c Part -1: Security Realm for Partition Domain

In the new ear of  Multi-tenancy environment with WebLogic the application server software it self changed a lot internally to support the Partition based domains which supporting existing features as well. When we create a new SecurityRealm for a Partition, we need to create the following MBeans :

Let me begin with sample Training project where it runs with Online and Corporate training partitions. Here in this post we can configure security realm for each partition.
  • Authenticator
  • Role
  • Identity Asserter
  • Role Mapper
  • Authorizer
  • Adjucator
  • Auditor
  • Credential Mapper
  • Certificate Path Provider
  • Password Validator
WebLogic Multi-tenancy - SecurityRealm configuration


Lets make re-usable module so that everyone can use the function as it is. The changes could be in the main module only. Further simplification you could also move the values into a separate properties file.


def create_securityRealm4partition(realmName):
 
 security = cmo.getSecurityConfiguration()
 print 'realm name is ' + realmName
 realm = security.createRealm(realmName)
 
 # ATN
 atnp = realm.createAuthenticationProvider('ATNPartition','weblogic.security.providers.authentication.DefaultAuthenticator')
 atna = realm.createAuthenticationProvider('ATNAdmin','weblogic.security.providers.authentication.DefaultAuthenticator')
 
 # IA
 ia = realm.createAuthenticationProvider('IA','weblogic.security.providers.authentication.DefaultIdentityAsserter')
 ia.setActiveTypes(['AuthenticatedUser'])
 
 # ATZ/Role
 realm.createRoleMapper('Role','weblogic.security.providers.xacml.authorization.XACMLRoleMapper')
 realm.createAuthorizer('ATZ','weblogic.security.providers.xacml.authorization.XACMLAuthorizer')
 
 # Adjudicator
 realm.createAdjudicator('ADJ','weblogic.security.providers.authorization.DefaultAdjudicator')
 
 # Auditor
 realm.createAuditor('AUD','weblogic.security.providers.audit.DefaultAuditor')

 # Credential Mapper
 realm.createCredentialMapper('CM','weblogic.security.providers.credentials.DefaultCredentialMapper')
 
 # Cert Path
 realm.setCertPathBuilder(realm.createCertPathProvider('CP','weblogic.security.providers.pk.WebLogicCertPathProvider'))
 
 # Password Validator
 pv = realm.createPasswordValidator('PV', 'com.bea.security.providers.authentication.passwordvalidator.SystemPasswordValidator')
 pv.setMinPasswordLength(8)
 pv.setMinNumericOrSpecialCharacters(1)

def main():
 connect("weblogic","welcome1","t3://192.168.33.100:6100")
 edit()
 startEdit()

 create_securityRealm4partition('Online_Realm')
 create_securityRealm4partition('Corporate_Realm')

 save()
 activate()
 disconnect()
main()




 wlst createSecurityRealm.py






SecurityRealm using WLST


Configure Security realm for partitions using WLST Script createSecurityRealm.py 





On the other hand you can see the WebLogic Admin console output as well:






Security Realm on Domain Partition





This article is a series of blog posts you will be more excited to see the next posts see below:




    

  1. Configure Security Realm for MT
    2. 

  2. Create Users & Groups for Partition domain
    3. 

  3. Configure Virtual Target
    4. 

  4. Creating Partition Domain
    5. 

  5. Configure IDD for Partition
    6. 

  6. Partition Control (start/stop using WLST)
    7. 

  7. Deploy and Undeploy Application on Partition 
    8. 







     
 



Posted by





at



0
comments
























Labels:
,
,
,
,
,













        

      









Subscribe to:
Posts (Atom)







Popular Posts




    

  • 

    Server State using WLST
    

     Hello! Dear Automation focused engineer we have this post about how to work simple server status list for a WebLogic domain. This logic can...
    

    • 

  • 

    JDBC Monitoring
    

      JDBC Monitoring with LWLST script   One fine morning we (WLA support Team) got an assignment, The summary of the assignment was to find ...
    

    • 

  • 

    Side by Side Deployment with WLST
    

        One of my online buddy requested me Python script help for developing Side by Side(SBS) deployment using WLST.    Automate Python Script...
    

    • 

  • 

    WLST Issues
    

      NoClassDefFoundError: weblogic.WLST issue  While starting WLST Script you might encounter this issue  Exception in thread "main"...
    

    • 

  • 

    WLST Errors and Exceptions
    

     When first time you started using WLST you might get many of these Python  based WLST Errors. Here I had collected few of them which are ve...
    

    • 

  • 

    NodeManager Status from WLST
    

     When you use WebLogic admin console you know the Node manager is 'Reachable' or 'Inactive' state. The same thing if you wis...
    

    • 

  • 

    Dynamic Domain creation with WLST
    

    Introducing Dynamism   Hey all wise WLA welcome to this exclusive WLST blog again!   My dear buddies, this week I was invited  for a discuss...
    

    • 

  • 

    My way of deployment with WLST
    

     This  Script has ultimate goal  to automate to one-step process for deploying the code onto WebLogic Development environments. Usually the ...
    

    • 

  • 

    JMS Server Configuration using WLST
    

     Most of the message orient middleware architecture designs, while preparing the proof of concept for a new business domain they need to do ...
    

    • 

  • 

    Self-tuned Thread Pool Count
    

        -->   Thread Pool count will give you the idea about the WebLogic Server instance throughput. First let us see how to monitor a serve...
    

    •