In order to do this, the LDAP connector is available OOTB. The DB and Unix is also available... Though that's all!

These connectors are actually from the OIM installation though because they comply with the ICF schema, they can be used for OPAM also.

The 3 connectors that can be used with OPAM are as follows:

• org.identityconnectors.dbum-1.0.1116.jar
• org.identityconnectors.genericunix-1.0.0.jar
• org.identityconnectors.ldap-1.0.6380.jar

Assuming you correctly configured the opam-config.xml file during installation, the 3 connectors are already configured for use. The blog post, HOW TO: install OPAM which is a video on how to execute the ANT command in preparation to the OPAM installation.

Startup Weblogic and log into the weblogic domain. On the left hand side, click Security Realms. Unless you've changed it in the past, click on the realm called myrealms

Click Lock & Edit located on the top-left area to make changes. Now click on the Providers tab, then select the Authentication tab, then click New to create a new Authentication Provider.

Click New to launch the Create a New Authentication Provider page and complete the fields as follows:

• Name: MyOIDDirectory
• Type: OracleInternetDirectoryAuthenticator

Now click on the MYOIDDirectory and select the configuration tab, then the Common tab. and select SUFFICIENT as the control flag. click Save, and return to the previous page (Do the same thing for the DefaultAuthenticator)

Now click on Reorder

Now make sure the Authentication Provider that you created is at the top.

Now click on the configuration tab then click on Provider Specific tab and enter in the following information:

• host:
• port: 3061
• principial: cn=orcladmin
• Credential: Password1
• Confirm Credential: Password1
• User base DN: cn=Users, dc=localdomain
• Group Base DN cn=Groups, dc=localdomain

Click, Save, then Activate Changes, then restart the WLS server. (Restarting is important!)

The LDAP authentication provider named "MyOIDDirectory" failed to make connection to ldap server at ldap://localhost.localdomain:389, the error cause is: Connection refused.

I was experiencing this error when I incorrectly entered in the provider Specific information within WLS and restarted the domain server. Double check that you've entered in the correct LDAP authentication credentials. (In this scenario, I should of been using 3061 (OID Port) not 389 (LDAP Port)

Caused by: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User rbacxadmin weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection
 at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)

I was receiving this error when then I discovered the principal was incorrect.

Caused by: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User {0} java.lang.NullPointerException
 at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
 at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)

I noticed I was receiving this error when I was getting the error above though I was simply pressing 'submit' but instead of entering in the password again, I was using the stored, concatenated password stored in the GUI interface. To work around this issue, focus on the issue above.

About the author