I configured an LDAP authenticator with WebLogic as follows: WebLogic console -> security realms -> myrealm -> providers -> new -> type: ActiveDirectoryAuthenticator... and set User Name Attribute = sAMAccountName. Then, my application gets the sAMAccountName of the authenticated user by calling httpServletRequest.getUserPrincipal().getName().

However, this returns just the string (the sAMAccountName). Is it possible to get the complete LDAP account of the authenticated user (javax.naming.directory.SearchResult, or similar) directly from httpServletRequest?

PS: I am aware that I could use an extra LDAP query based on sAMAccountName to get the complete LDAP account of the user, but this would require an unnecessary second LDAP query, and would also require replicating the LDAP configuration from WebLogic into my application.

1 Answer

You can use the OPSS User & Role APIs. They will work with Active Directory.

http://docs.oracle.com/cd/E12839_01/core.1111/e10043/devuserole.htm#BABBIGAJ

You can query the identity store directly for a specific user or role using the searchUser and searchRole APIs:

IdentityStore.searchUser(String name);

IdentityStore.searchUser(Principal principal);
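
The lookup suggested in this answer, wired into a servlet helper; this is an added example, not code from the answer or from Oracle's documentation. The class name, the attribute allow-list, and obtaining the domain's identity store through JpsContextFactory are assumptions, and the OPSS libraries must be on the application's classpath.

```java
import java.security.Principal;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;

import oracle.security.idm.IdentityStore;
import oracle.security.idm.Property;
import oracle.security.idm.User;
import oracle.security.idm.UserProfile;
import oracle.security.jps.JpsContextFactory;
import oracle.security.jps.service.idstore.IdentityStoreService;

// Hypothetical helper: reads directory attributes of the container-authenticated user.
public final class AuthenticatedUserLookup {

    // Assumed allow-list of attribute names; fixed in code, never taken from request input.
    private static final List<String> WANTED =
            Arrays.asList("mail", "displayName", "department");

    private AuthenticatedUserLookup() { }

    public static Map<String, List<?>> attributesOf(HttpServletRequest request)
            throws Exception {
        // Only the principal established by the WebLogic authenticator is trusted.
        Principal principal = request.getUserPrincipal();
        if (principal == null) {
            throw new SecurityException("request is not authenticated");
        }

        // Identity store as configured for the domain, so the application
        // holds no LDAP URL or bind credentials of its own.
        IdentityStore store = JpsContextFactory.getContextFactory()
                .getContext()
                .getServiceInstance(IdentityStoreService.class)
                .getIdmStore();

        User user = store.searchUser(principal);
        UserProfile profile = user.getUserProfile();

        Map<String, List<?>> result = new LinkedHashMap<String, List<?>>();
        for (String name : WANTED) {
            Property property = profile.getProperty(name);
            if (property != null) {
                result.put(name, property.getValues());
            }
        }
        return result;
    }
}
```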
