tag:blogger.com,1999:blog-18725506.post1349569440405478051..comments2023-03-23T10:48:09.691+00:00Comments on The Middle Tier: WS Security - enabling passwordDigest authentication in an Oracle FMW environmentUnknownnoreply@blogger.comBlogger5125tag:blogger.com,1999:blog-18725506.post-79076128681211358382017-05-15T11:51:08.608+01:002017-05-15T11:51:08.608+01:00Hi Jason,
Glad you liked the post and apologies f...Hi Jason, <br />Glad you liked the post and apologies for the late reply - somehow I never got notification of comments awaiting moderation from blogger!<br />To answer your questions:<br />I used the DefaultAuthenticator that comes with weblogic because it already supports passwordDigest<br />Yes, you could have an externalised identity store and as long as the Authenticator you use is able to re-create the password digest on server side (effectively a non-reversible hash of multiple components including nonce & password), your Authenticator should be good enough for authenticating the web service call. <br />I think you can easily write such an authenticator using Java that has access to your non-Weblogic identity store..Jang-Vijay Singhhttps://www.blogger.com/profile/11926334117288628075noreply@blogger.comtag:blogger.com,1999:blog-18725506.post-81468998737765980882017-05-15T11:48:54.198+01:002017-05-15T11:48:54.198+01:00This comment has been removed by the author.Jang-Vijay Singhhttps://www.blogger.com/profile/11926334117288628075noreply@blogger.comtag:blogger.com,1999:blog-18725506.post-29365443556066639972017-02-27T17:05:59.304+00:002017-02-27T17:05:59.304+00:00Great post - Its helped my understanding a lot.
If...Great post - Its helped my understanding a lot.<br />If I'm not mistaken that means the user you authenticate with has to be local on the Weblogic identity store with the password stored as literal (there are some config changes you need to allow this to happen). Did you look at/were you able to have an external identity provider user authenticate in this manner using digest?<br />The config settings required to be made do not exist on adding external providers (such as AD, LDAP, OAM etc)Jason Scarfehttps://www.blogger.com/profile/02254416273140040417noreply@blogger.comtag:blogger.com,1999:blog-18725506.post-66654103831132205332016-12-07T11:37:45.669+00:002016-12-07T11:37:45.669+00:00@Mihir glad you liked it.
From what I read here, ...@Mihir glad you liked it. <br />From what I read here, it might be supported -https://docs.oracle.com/cd/E28280_01/web.1111/b32511/intro_security.htm#WSSEC2343<br />The best way to check would be to run the "Basic steps" as per my post and see if the DefaultAuthenticator allows you to choose wsse:PasswordDigestJang-Vijay Singhhttp://weblog.singhpora.comnoreply@blogger.comtag:blogger.com,1999:blog-18725506.post-6710618989663363432016-11-29T06:18:14.559+00:002016-11-29T06:18:14.559+00:00Awesome article.
Is it possible to implement above...Awesome article.<br />Is it possible to implement above solution in SOA 11g or it is possible only on 12C.<br />If possible in 11g how to od it?<br /><br />Please helpAnonymoushttps://www.blogger.com/profile/00103817283156050619noreply@blogger.com