WebLogic 10.3.0 - j_security_check Treats Expired Password from Active Directory as Failed Login
Last updated on DECEMBER 11, 2017
Applies to:Oracle WebLogic Server - Version 10.3 and later
Information in this document applies to any platform.
On Weblogic (WLS) 10.3.0, web application uses form-based authentication. This webapp which uses a standard form that submits password verification to j_security check, eg:
<input type="text" name="j_username"><br>
<input type="password" name="j_password">
The LDAP provider in use is Active Directory LDAP.
For some reason, j_security_check does not distinguish between an invalid and expired passwords, and always returns a LoginFailedException.
There is no effect, even if the setting <Propagate Cause For Login Exception> is enabled on the Active Directory side.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms