Rabbit Eight Brother Notes 11: How to connect to WebLogic's built-in LDAP?

zhaozj2021-02-16  51


We know that an LDAP server can store data, but how can we see what is stored in it? There are two ways: use an LDAP browser, or write a client yourself. This note only describes how to use an LDAP browser to view the content of the LDAP server.

There are many LDAP clients, and the BEA documentation mentions some of them. I recommend a good open source LDAP browser whose interface I like: JXplorer. The current version is 3.0. Download site: http://pegacat.com/jxplorer/.

Let's start connecting to WebLogic's built-in LDAP Server!

One. Change the admin password

Before connecting, we need to change the password of the admin user of WebLogic's built-in LDAP server. The procedure is as follows.

1. Open the console, click Security on the left, and select Embedded LDAP (the built-in LDAP).

2. Change the password: in Credential, enter the value 88888888; in Confirm Credential, enter it again.

3. Click the "Apply" button below.

The admin password has now been changed.

Two. Use JXplorer to browse the contents of LDAP

1. Open JXplorer.

The command to start JXplorer is jxplorer.bat, which is in the JXplorer directory. Double-click it. The interface is as follows.

2. Click the first button in the upper left corner to configure the LDAP connection parameters. Configure the parameter values as shown in the figure.

Host: Enter the IP address or machine name of the machine where WebLogic Server is running. If it is this machine, leave the default "localhost" unchanged.

Port: Don't modify it. The usual LDAP port is 389, but WebLogic's is 7001, which can be found in the BEA WLS help. It took me a lot of effort to find this out.

Protocol: Do not change it. LDAP v3 is the latest protocol version and is the highest version.

Base DN: dc=XX, where XX is the name of your WLS domain. With a default installation it should be mydomain.

Security Level: We choose user and password. Of course, you can also log in anonymously, but your permissions are reduced.

User DN: cn=admin. The CN (common name) of the default WLS user is Admin.

Password: Enter 88888888.

Click OK.

3. If your configuration parameters are not wrong, then you will see the following screen.

4. Click "Table Editor" on the right. You will see all the attributes and attribute values of the current object.

At this point, you have successfully connected to the built-in LDAP of WLS.
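What the user-and-password login configured in step 2 puts on the wire, as an added example that is not part of the original note: an LDAPv3 simple bind (RFC 4511) encoded by hand. The function names are hypothetical, the host, port, DN and password are the values used above, and the responses in the test are constructed. On a plain LDAP connection the password is carried unencrypted inside the request.

```python
import socket

def tlv(tag: int, payload: bytes) -> bytes:
    """BER tag-length-value with a definite length (short or long form)."""
    n = len(payload)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + payload

def bind_request(dn: str, password: str, msg_id: int = 1) -> bytes:
    """LDAPMessage{ messageID, BindRequest{ version 3, name, simple password } }."""
    bind = tlv(0x60, tlv(0x02, b"\x03")               # [APPLICATION 0], version 3
                     + tlv(0x04, dn.encode())          # bind DN (the "User DN" field)
                     + tlv(0x80, password.encode()))   # [0] simple: the raw password
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + bind)  # msg_id must be 1..127 here

def read_tlv(buf: bytes, pos: int):
    """Return (tag, value, next_pos) for the element that starts at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                                  # long form: length of length
        k = length & 0x7F
        length = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    return tag, buf[pos:pos + length], pos + length

def bind_result_code(response: bytes) -> int:
    """resultCode of a BindResponse: 0 = success, 49 = invalidCredentials."""
    _, body, _ = read_tlv(response, 0)                 # LDAPMessage SEQUENCE
    _, _, pos = read_tlv(body, 0)                      # messageID
    tag, op, _ = read_tlv(body, pos)                   # protocolOp
    if tag != 0x61:                                    # [APPLICATION 1] BindResponse
        raise ValueError("not a BindResponse")
    _, code, _ = read_tlv(op, 0)                       # ENUMERATED resultCode
    return int.from_bytes(code, "big")

def try_bind(host, port, dn, password, timeout=5.0):
    """Send one bind; assumes the short BindResponse arrives in a single recv."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(bind_request(dn, password))
        return bind_result_code(s.recv(4096))

if __name__ == "__main__":
    req = bind_request("cn=admin", "88888888")
    print(req.hex(), b"88888888" in req)               # password visible in the bytes
    # print(try_bind("localhost", 7001, "cn=admin", "88888888"))
```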

Three. Modify and add attributes

Having seen these attributes, you may want to modify some values, or add attributes that are missing. Let's do that.

1. First we need to find the acls.prop file, the WLS file mentioned earlier that controls user permissions. It is under x:/bea/weblogic81/server/lib, where x: is your installation drive. Open it.

The comment at the top says that by default only the Admin user is allowed access, with read permission only. If you want to perform other operations, refer to my 10th note to write access control rules. In this note we don't need very fine-grained permission control, so we can remove the "#" from the selected part and from the last two lines.

After saving, restart WLS.

2. Now we add a user. Right-click on "people" and select "New" in the pop-up menu.

3. Enter "uid=zj" in "Enter RDN" in the dialog that appears. "zj" is a name I picked casually and it has no special meaning. Leave the other items unchanged and click OK.

When you add a custom attribute to an object, you also need to change "Selected Classes", which is covered later.

5. Click the "Submit" button on the right side of the interface. An error message appears.

6. This is because some attributes have no default value but are not allowed to be empty, so the operation does not succeed.

7. Fill in the required attributes. You may ask which attributes must be filled in. We will discuss this question; for now I have assigned a value to every attribute (of course this is unnecessary, but for simplicity we do it this way first). Save. The save succeeds, and the interface is as follows.

8. At this point you can modify the value of any attribute and then click Submit to save. Of course, the values we enter must be valid (length, data type and so on).

At this point, we have finished describing how to modify an object's attributes.

Four. Add custom attributes

To meet project needs, adding custom attributes is inevitable. Before adding one, check the LDAP specification to see whether the attribute name we want to add already exists. For example, "userPassword" is already defined in the published LDAP specification, so adding an attribute with that name to your own object is incorrect. You can go to http://www.ldapman.org/schema-reference/ to find out whether the attribute name you want to add is already defined in the schema in the specification.

The schema is the definition file for the objects contained in the directory server (this is my own summary; the introductory LDAP articles on www.ldapman.org give a more detailed explanation).

Let's open the schema file in WLS and take a look. The schema file in WLS is called schema.core.xml and is located in x:/bea/weblogic81/server/lib, where x: is the drive on which WLS is installed. See the figure.

Here I don't want to explain the schema's syntax (you can read the relevant LDAP specifications, which can be found on www.ldapman.org).

Here we copy a section and change it.

1. Copy the selected text.

2. Paste it below the selected text and change the values of id and name to MyLove (this is the name of an English song I like). Remove the value of dsml:object-identifier and add a new attribute IKNOWILOVEOUVEOUVEOUVEOUVEOUVEOU (this is the name of another English song I like). Note that the required=true after it means this is a mandatory attribute. After the change it reads as follows:

id="MyLove"
type="structural"
superior="#top">
MyLove LTF's test

Save. Restart WLS.

3. Start JXplorer and add a child entry under the user zj. We add a child entry whose RDN (relative DN) uses SN (surname; see the LDAP specification).

Right-click on zj.

Select "New" in the pop-up menu. The dialog that appears is as follows.

Click "OK" and the save succeeds. Pay attention to some of the classes listed here, such as top.

4. Expand zj to take a look. You will find that there is one more child entry. Select the child entry LI, and its attributes are displayed in the attribute panel on the right.
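One way to answer the earlier question of which attributes must be filled in before Submit succeeds, as an added example that is not part of the original note: read the class definitions, follow each class's superior chain, and collect every attribute marked as required. The schema text below is a constructed DSML-style sample, not a copy of WebLogic's schema file; "mySong" and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
NS = {"dsml": "http://www.dsml.org/DSML"}

# Constructed sample, not WebLogic's own schema; "mySong" is a hypothetical attribute.
SAMPLE = """<dsml:directory-schema xmlns:dsml="http://www.dsml.org/DSML">
  <dsml:class id="top" type="abstract">
    <dsml:attribute ref="#objectclass" required="true"/>
  </dsml:class>
  <dsml:class id="person" type="structural" superior="#top">
    <dsml:attribute ref="#sn" required="true"/>
    <dsml:attribute ref="#cn" required="true"/>
    <dsml:attribute ref="#userpassword" required="false"/>
  </dsml:class>
  <dsml:class id="MyLove" type="structural" superior="#top">
    <dsml:name>MyLove</dsml:name>
    <dsml:description>LTF's test</dsml:description>
    <dsml:attribute ref="#mySong" required="true"/>
  </dsml:class>
</dsml:directory-schema>"""

def load_classes(xml_text):
    """Map class id (lower-cased) -> (superior id or None, set of required attrs)."""
    classes = {}
    for cls in ET.fromstring(xml_text).findall("dsml:class", NS):
        required = {a.get("ref").lstrip("#").lower()
                    for a in cls.findall("dsml:attribute", NS)
                    if a.get("required") == "true"}
        sup = cls.get("superior")
        classes[cls.get("id").lower()] = (sup.lstrip("#").lower() if sup else None, required)
    return classes

def required_attrs(classes, name):
    """Required attributes of a class, including those inherited via superior."""
    needed, seen, cur = set(), set(), name.lower()
    while cur and cur not in seen:        # 'seen' guards against a superior loop
        seen.add(cur)
        sup, req = classes[cur]
        needed |= req
        cur = sup
    return needed

def missing_attrs(classes, entry):
    """Required attributes that the entry does not yet carry a value for."""
    present = {k.lower() for k, v in entry.items() if v}
    needed = set()
    for oc in entry.get("objectclass", []):
        needed |= required_attrs(classes, oc)
    return sorted(needed - present)
```

For an entry such as `{"objectclass": ["top", "person", "MyLove"], "uid": ["zj"]}`, `missing_attrs(load_classes(SAMPLE), entry)` lists the attributes that still need a value.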

At this point, we have ended this note.

Although the content of this note is simple, I spent a week checking English material and read dozens of English articles. I hope it is useful. You can refer to this note to add your own objects.

This note does not introduce the terminology and meaning of LDAP. If you want to learn more about LDAP terms and their meaning, please visit www.ldapman.org. Hey, there is a lot there, but it can improve your English! I only read a few articles about schema; now you get to suffer too! I am reminded of a passage in the Saji Diary:

Rust 1 year February 25

We finally boarded the Tianshan of Xinchi!

Tianchi is like a beautiful pure girl halo to the top of Tianshan. Lake in the lake, reflecting a blue sky and white clouds. So quiet, so clear.

We shouted at the lake: "Hey ...! Have ... people ... ...?" I heard the echo of the lake: "Hey ... there is ... Four ... silly ... birds ... ! "

The second division is not self-contained, jumping into the lake, swimming in swimming. After he jumped, the master smiled: "Haha, this idiots! The water in Tianchi is the ice and snow water on Tianshan, and he is cold, and he actually asked if he didn't ask!"

But I saw the second division of the gods, and the master asked him: "Don't you cool?"

The second brother expression is natural, there is no one bit of painful color. Said: "Too comfortable! Too pleasure! Little is not cold! It seems like Xiayu's sea water! Don't believe you try?"

The master immediately replaced with a high-fork dress and jumped into the lake.

Two brothers climbed the uphore, I immediately played ... "Yeah! It's too cold! I am fine! I haven't frozen! ...... Fortunately, my acting is dragged down ... otherwise I am frozen in a water! "Master is probably thinking, there is a green lip in the water, shaking, still shouting:" Fast! ... fast ... fast down! " Really ... it's too soul! "

We didn't care about him, and we went to the flower basket.

OK, if time allows, I will summarize how to operate LDAP through JNDI. I also have Struts notes that have not been written yet, haha!

Bugs Bunny

Tuesday, December 2, 2003 20:00

When reposting, please credit the original address: https://www.9cbs.com/read-28039.html