My Oracle Support Banner

WebLogic 10.3.0 - j_security_check Treats Expired Password from Active Directory as Failed Login (Doc ID 1263237.1)

Last updated on AUGUST 31, 2020

Applies to:

Oracle WebLogic Server - Version 10.3 and later
Information in this document applies to any platform.


On Weblogic (WLS) 10.3.0, web application uses form-based authentication.  This webapp which uses a standard form that submits password verification to j_security check, eg:

The LDAP provider in use is Active Directory LDAP. 

For some reason, j_security_check does not distinguish between an invalid and expired passwords, and always returns a LoginFailedException. 

There is no effect, even if the setting <Propagate Cause For Login Exception> is enabled on the Active Directory side.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.