Content Platform Engine, Version 5.2.1       Application server:  WebLogic Application Server    

Enabling Kerberos on the application server (WebLogic)

To enable Kerberos under WebLogic, you must set up a special Engine Kerberos Service Authentication Provider.

About this task

To set up the special Engine Kerberos Service Authentication Provider:

Procedure

  1. Copy the Engine-authenticator-wl.jar to the following location:
    Option Description
    Windows %WL_HOME%\server\lib\mbeantypes
    UNIX ${WL_HOME}/server/lib/mbeantypes

    This JAR file can be found in the Content Platform Engine installation directory, such as Program Files\FileNet\ContentEngine\Kerberos for Windows or installdir/FileNet/ContentEngine/Kerberos for non-Windows systems.

  2. Start the WebLogic server and run the administrative console.
  3. Navigate to Security > Realms > myrealm > Providers > Authenticators, where myrealm is the default name of the security realm, which might be different in your environment).
  4. Create a new Engine Kerberos Service Authenticator and set its name to, for example, EngineKrbAuthenticator.
  5. In the pane that follows, change the Control Flag setting to SUFFICIENT.
  6. Click Create.
  7. Go back to Security > Realms > myrealm > Providers > Authenticators.
  8. Click EngineKrbAuthenticator and use the arrows to shift it above any LDAP providers, but below the DefaultAuthenticator.
  9. Click Apply.
  10. Navigate back to the EngineKrbAuthenticator page and click Details or Provider Specific.
  11. Make any changes necessary on this page. For instance, set the Debug option.
  12. Save the changes.


Last updated: October 2015
p8psn028.htm

© Copyright IBM Corporation 2015.