wtorek, 28 września 2010

JAAS security @ WebLogic

This may be a valuable tip for anyone struggling with custom JAAS-based security on Oracle WebLogic. Apart from tiresome JPDA debugging of custom authenticators or even server's code there is one nifty feature available: debug logging.

To enable some in-depth information logging, one needs to navigate to:

Servers -> [server name] -> Debug


There are two main categories: default and weblogic. For security debugging, the latter is interesting. Typically I enable following:

  • default -> security -> DebugSecurity

  • default -> security -> realm -> DebugSecurityRealm

  • default -> security -> realm -> DebugSecurityService


With those active, your console output will be filled with lots of debug data. Picking useful information is a somewhat different story.. ;-)

Brak komentarzy: