
14 Managing Security
14-20 Administration Guide
13. Choose the Filerealm tab.
14. In the Caching Realm attribute, choose the name of the Caching Realm to be
used with the LDAP Security realm. A list of configured Caching Realms
appears on the pull-down menu.
Note: When you use an LDAP Security realm, you must configure and enable the
Caching realm; otherwise, the LDAP Security realm will not work.
15. Reboot WebLogic Server.
The Caching realm caches Users and Groups internally to avoid frequent lookups in
the LDAP directory. Each object in the Users and Groups caches has a TTL attribute
that you set when you configure the Caching realm. If you make changes in the LDAP
directory, those changes are not reflected in the LDAP Security realm until the cached
object expires or is flushed from the cache. The default TTL is 10 seconds for
unsuccessful lookups and 60 seconds for successful lookups. Unless you change the
TTL attributes for the User and Group caches, changes in the LDAP directory should
be reflected in the LDAP Security realm in 60 seconds.
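The following is an added illustration, not WebLogic code: a simplified model of the TTL behavior described above, showing how long a deleted user is still accepted and how long a newly created user is still rejected. The class and function names, the in-memory directory, the timestamps and the exact expiry boundary are assumptions made for the example; only the 60-second and 10-second defaults come from this guide.

```python
# Simplified TTL-cache model. Not WebLogic code: all names and data are constructed.
TTL_POSITIVE = 60  # seconds a successful lookup stays cached (default per the guide)
TTL_NEGATIVE = 10  # seconds an unsuccessful lookup stays cached (default per the guide)

class CachingRealmModel:
    def __init__(self, directory, ttl_positive=TTL_POSITIVE, ttl_negative=TTL_NEGATIVE):
        self.directory = directory      # set of user names standing in for LDAP
        self.ttl_positive = ttl_positive
        self.ttl_negative = ttl_negative
        self._cache = {}                # name -> (found, expires_at)
        self.directory_lookups = 0

    def get_user(self, name, now):
        """Return True if the realm considers the user to exist at time `now`."""
        entry = self._cache.get(name)
        if entry is not None and now < entry[1]:
            return entry[0]             # cache hit, possibly stale
        self.directory_lookups += 1     # miss or expired: ask the directory
        found = name in self.directory
        ttl = self.ttl_positive if found else self.ttl_negative
        self._cache[name] = (found, now + ttl)
        return found

    def flush(self):
        self._cache.clear()

def revocation_timeline():
    directory = {"alice"}
    realm = CachingRealmModel(directory)
    seen = {0: realm.get_user("alice", 0)}     # cached as found until t=60
    directory.discard("alice")                 # admin deletes the user at t=5
    seen[59] = realm.get_user("alice", 59)     # stale hit: still accepted
    seen[60] = realm.get_user("alice", 60)     # entry expired: deletion now visible
    directory.add("alice")                     # user re-created at t=61
    seen[69] = realm.get_user("alice", 69)     # negative entry still cached
    seen[70] = realm.get_user("alice", 70)     # negative entry expired
    return seen, realm.directory_lookups

def flush_after_delete():
    directory = {"bob"}
    realm = CachingRealmModel(directory)
    realm.get_user("bob", 0)
    directory.discard("bob")
    stale = realm.get_user("bob", 5)           # cached answer, deletion not seen
    realm.flush()                              # administrator flushes the cache
    return stale, realm.get_user("bob", 6)     # fresh lookup after the flush
```

In this model a shorter TTL narrows the window in which a removed user is still accepted, at the cost of more directory lookups.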
If some server-side code has performed a lookup in the LDAP Security realm, such as
a getUser() call on the LDAP Security realm, the object returned by the realm cannot
be released until the code releases it. Therefore, a User authenticated by WebLogic
Server remains valid as long as the connection persists, even if you delete the user from
the LDAP directory.
Configuring an LDAP Realm V2
Configuring the LDAP Realm V2 involves defining attributes that enable the security
realm to communicate with the LDAP server and describe where users and groups are
stored in the LDAP directory. The LDAP tree and schema are different for every LDAP
server. WebLogic Server provides templates for the supported LDAP servers. These
templates specify default configuration information used to represent Users and
Groups in each of the supported LDAP servers. For more information, see “Supported
LDAP Server Templates” on page 14-22.
To configure an LDAP security realm V2, you choose the template that corresponds to
the LDAP server you want to use and modify it to specify information about your
specific configuration.
To use an LDAP Security realm V2:
1. Go to the Security Realms node in the left pane of the Administration Console.