My Oracle Support Banner

WebLogic 10.3.0 - j_security_check Treats Expired Password from Active Directory as Failed Login (Doc ID 1263237.1)

Last updated on AUGUST 31, 2020

Applies to:

Oracle WebLogic Server - Version 10.3 and later
Information in this document applies to any platform.

Symptoms

On Weblogic (WLS) 10.3.0, web application uses form-based authentication.  This webapp which uses a standard form that submits password verification to j_security check, eg:


The LDAP provider in use is Active Directory LDAP. 

For some reason, j_security_check does not distinguish between an invalid and expired passwords, and always returns a LoginFailedException. 

There is no effect, even if the setting <Propagate Cause For Login Exception> is enabled on the Active Directory side.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.