Skip to main content

WebLogic 10 Active Directory Authentication Provider Bug


This is a simple symptom-cause-solution blog entry only. I hope these blogs will help fellow administrators.

Symptom

With an Active Directory Authenticator configured, if a user logs in once with incorrect credentials further attempts to log in will fail, even with the correct username and password (until the server is restarted). If the user continues to login with correct credentials, WebLogic will eventually lockout the account.

Cause

This is a known bug for WebLogic 10 MP1.
During authentication the AD provider binds twice using the same LDAP connection, once with the username password being authenticated, and once with the credentials supplied when you configure the LDAP provider. If authentication fails, the second binding doesn’t happen, and the unauthenticated LDAP connection is returned to the internal LDAP connection pool. This poses a problem when later trying to authenticate and the unauthenticated LDAP connection is retrieved from the pool...
-Cobbie Behrend (Source: Bastion)

Solution

Contact Oracle for a WebLogic patch, or upgrade to a later service pack.

Note to Vignette users: If you encounter this problem with VCM 7.6, Vignette will supply SP1 to fix the issue.

References

Labels:

Comments

Post a Comment

Popular posts from this blog

NullPointerException

java.lang.NullPointerException NullPointerException is described in the javadoc comments as: Thrown when an application attempts to use null in a case where an object is required. These include: Calling the instance method of a null object. Accessing or modifying the field of a null object. Taking the length of null as if it were an array. Accessing or modifying the slots of null as if it were an array. Throwing null as if it were a Throwable value. Applications should throw instances of this class to indicate other illegal uses of the null object. author: unascribed version: 1.19, 12/19/03 since: JDK1.0 Where is this exception thrown? Following, is a list of exception messages cross-referenced to the source code responsible for throwing them. Click on the method link to view the code and see how the exception is thrown. The message ' java.lang.NullPointerException: ' is thrown within the method: com.sun.corba.se.impl.interceptors.ClientRequestInfoImpl.get_r
Post a Comment
Read more

Connection refused: No available router to destination

This is a simple symptom-cause-solution blog entry only. I hope these blogs will help fellow administrators. Symptom The following exception occurs in WebLogic server logs. Most likely to occur during WebLogic server start-up, but similar exceptions may occur at other times. java.net.ConnectException: t3://myserver:8000: Destination unreachable; nested exception is: java.net.ConnectException: Connection refused: connect; No available router to destination] at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:49) at weblogic.jndi.WLInitialContextFactoryDelegate.toNamingException(WLInitialContextFactoryDelegate.java:773) at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:363) at weblogic.jndi.Environment.getContext(Environment.java:307) at weblogic.jndi.Environment.getContext(Environment.java:277) Cause This message (Connection refused: connect; No available
Post a Comment
Read more

SocketException

java.net.SocketException SocketException is described in the javadoc comments as: Thrown to indicate that there is an error in the underlying protocol, such as a TCP error. author: Jonathan Payne version: 1.17, 12/19/03 since: JDK1.0 Where is this exception thrown? Following, is a list of exception messages cross-referenced to the source code responsible for throwing them. Click on the method link to view the code and see how the exception is thrown. The message ' java.net.SocketException: ... ' is thrown within the method: java.net.ServerSocket.createImpl() The message ' java.net.SocketException: ... ' is thrown within the method: java.net.Socket.createImpl(boolean) The message ' java.net.SocketException: ... ' is thrown within the method: java.net.SocksSocketImpl.connect(SocketAddress, int) The message ' java.net.SocketException: ... ' is thrown within the method: java.net.SocksSocketImpl.socksBind(InetSocketAddress) The message 
Post a Comment
Read more