Configuring GlassFish Server to Use LDAP Directory Server Authentication for the Admin-Realm (Doc ID 1317715.1)

Last updated on APRIL 06, 2017

Applies to:

Oracle GlassFish Server - Version 9.1 and later
Information in this document applies to any platform.

Goal

This article details how to configure GlassFish Server 2.x  to use LDAP authentication for the  admin-realm.

There's no support provided in the product for changing admin-realm from its default file-based mechanism, to another such as LDAP, but can be implemented per policy. 

This functionality is supported with GlassFish 3.x using the asadmin command "configure-ldap-for-admin", or by using the administration console.  GlassFish 2.x does not have a specific asadmin command to modify the admin-realm, but the administration console can be used.

Since the "asadmin" group is granted the appropriate permissions to login to the administration console, any users in this group can therefore login to the console, or run asadmin commands.  Having the "asadmin" group defined in LDAP can accomplish the same task if the admin-realm is configured to use ldapRealm for authentication.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms