Securing some parts of a WebApp in WebLogic

These are the steps to protect some urls of a web application deployed in WebLogic:


Create appropiate authentication provider configuration. Restart WebLogic AdminServer and check that you are getting users, groups and user/groups membership from the external ldap repository



  • You have a group in LDAP called extranetgroup. User joe belongs to extranetgroup
  • You want to protect application under /extranet/* url pattern


Create the appropiate security configuration in web.xml:



Create the appropiate security in weblogic.xml*. Here is where you map roles to LDAP principals (users or groups)


Please notice that you don’t need to inform

Deploy or redeploy your applicaction with DDonly security model


(*) If your application is ear packaged (with weblogic-application.xml included) bear in mind that this file has preference over weblogic.xml

Enjoy 😉

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.