Symantec Access Management

  • Private Community

  • 1.  IWA for weblogic

    Posted Aug 10, 2016 12:27 AM


    In my environment I configured ASA for weblogic. User store is AD. Application will use user id for authorisation. When i use http form authentication schema. All is working fine, but when I change to windows authentication the user is not authorised as user id format is Domain\Userid. I configured to return custom http headers but it doesn't help.

     

    Is there a way to configure to return a userid without the domain returning to application when using windows authentication. 



  • 2.  Re: IWA for weblogic
    Best Answer

    Posted Aug 10, 2016 02:00 AM

    Hi JinLong Li,

     

    Yes, try setting the ACO parameter filterdomainname=yes

    More here :CA SiteMinder Agent for Oracle WebLogic r12 SP2 - CA

     

    filterdomainname

    (Dynamic)

    yes or no

    To have the SiteMinder Agent remove the domain name from the user ID string before asserting an identity, set the filterdomainname parameter to yes. Setting the value to yes allows the SiteMinder Agent to use an NTLM authentication scheme because the user identity passed from a Web Agent on a front-end proxy server to the SiteMinder Identity Asserter contains the domain name when using this authentication scheme.

    The default value is no.

     

    Hope this helps.

     

    Cheers,

    Ujwol Shrestha

    Ujwol's Single Sign-On Blog



  • 3.  Re: IWA for weblogic

    Posted Aug 10, 2016 03:04 AM

    Thank you Ujwol,

     

    It worked for me.



  • 4.  Re: IWA for weblogic

    Posted Mar 05, 2019 01:58 PM

    Ujwol, 

     

    is similar setting available for ASA for websphere , i am stuck with a solution for such use case. 

     

    Thanks,

    VIvek