Hi,
We are trying to achieve SSO from a standard J2EE web application to Documentum Webtop, all deployed on a WebLogic 9.2 domain.
The web app authenticates against an OpenLDAP authentication provider in WebLogic. Hence, in the web.xml, I have an entry like this:

<login-config id="LoginConfig_1">
  <auth-method>FORM</auth-method>
  <realm-name>TWRealm</realm-name>
  <form-login-config id="FormLoginConfig_1">
    <form-login-page>/jsp/common/login.jsp</form-login-page>
    <form-error-page>/jsp/common/login_error.jsp</form-error-page>
  </form-login-config>
</login-config>

where TWRealm is the security realm in WebLogic where my OpenLDAP authenticator is configured.
Now, we have implemented a Documentum job in Administrator (DA) that synchronizes the users and groups in the OpenLDAP store to the Documentum DB. As a result, I can log into Webtop as any user in my OpenLDAP store.
The challenge is to achieve Single-Sign-On so that a user logged into our web app may follow links to Webtop and/or Administrator without being required to log in.
I had tried to enable basic authentication first, and therefore uncommented the following in Webtop's web.xml:

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Webtop</web-resource-name>
    <url-pattern>/*</url-pattern>
    <http-method>POST</http-method>
    <http-method>GET</http-method>
  </web-resource-collection>
  <auth-constraint>
    <role-name>everyone</role-name>
  </auth-constraint>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
</login-config>

So when I access a page in Webtop, I get the browser login dialog. But on typing the username and password, it does not log me in. When I comment out the above entries, I can log in normally (i.e. from the Webtop default login screen) without any issue. Any idea why?
Regards,
Rana Bhattacharjee