Read only user access denied to weblogic admin console - weblogic

I am trying to create user with Read only permissions for development team to have access to weblogic console , I know the process is simple but for some reason after creating the user i am not able login using the Read only user.
Below steps to create read only user:
Login into Weblogic Admin Console as weblogic user (administrator) ,Then => security realms -> myrealm => users&groups =>New "User" created “appdev” user with password “password01”.
Once user is created, selected username => selected Groups Tab => Selected group by name “Monitors”. Saved the changes made.
Logged out and closed the browser.
Restarted the server and Opened a new browser window.
Attempting to login with the new user is returning access denied.
We are using weblogic 9.2 version.

Check the below link and try to enable refresh replica at startup option and bounce the server and check.
Navigate to weblogic admin console ->Domain->Security->Embedded LDAP->Refresh Replica At StartUp
Detailed descriptions are written below:
http://www.techpaste.com/2013/10/weblogic-admin-server-startup-hanging-coming-running-state/#comment-4532

Related

Glassfish 4 admin console read-only account

Is it possible to create a read-only account to logon admin console. I would like to let someone to logon admin console with read-only permission only.
Not in GlassFish, but there is an open enhancement request to add user roles to the admin console for Payara Server:
https://github.com/payara/Payara/issues/1600

(Mac) Realm Object Server Login Failed: Email/Password Incorrect

I installed Realm on computer1 and ran the Realm Object Server (creating a new admin user) then installed and ran Realm Object Server on computer2 attempting to create the same admin user I created on computer1. It immediately went to the login page where I assumed it had recognized my credentials from computer1 so I then filled in the same credentials and tapped Login. For some reason this alert is now showing on the screen:
Login Failed: Email/Password combination incorrect.
In the server logs it states:
warn: auth.password: Handle request failed with: InvalidCredentials: The provided credentials are invalid.: Given account: foo#bar.com
I then restarted the Realm Server and attempted to create a different admin user with different credentials, after filling in the credentials and tap "submit" I am immediately taken to the login page where it gives the alert now saying:
An error occured while setting up your account.
What is also interesting, is that after trying to create that new account I don't receive any information in the logs after tapping submit.
It's not possible to run two copies of the Realm Object Server on multiple computers and share user accounts between them at the moment. Those will be two wholly separate and independent copies of the Realm Object Server.
Unless you registered two separate copies of the same admin account, the second login attempt will fail because the account doesn't exist in that instance.
We're working on adding additional scaling capabilities to the Realm Mobile Platform. Thanks for filing an issue on the Mobile Platform GitHub; we'll take it into consideration.

How to restrict access to Jenkins?

My Jenkins instance is currently open for every user, there is no authentication. I want to protect Jenkins against access by unauthorized users. I'm looking for a very simple/basic solution -- one user. If this "admin" user hasn't authenticated himself, he should not be able to do anything. If he has, he should get the full access the Jenkins instance (including all projects). How to configure this?
Follow these steps:
Go to Configure Global Security --> Security Realm : Jenkin's own user database and authorization Logged-in users can do anything. After saving, Jenkins should prompt you to create a new user. Please create the required user by filling in details like username and password.
Then, log in with that user and change the authorization to Matrix-based security. The matrix configuration should be as shown below i.e., it should have all privileges for the required user and none for anonymous users.
First you need to create an admin user or whatever you want.
To do that, go to your jenkins dashboard page and find "Credentials" option.
In credentials, you can create your user.
With your admin user created, just go back to your jenkins dashboard page and find "Manage Jenkins" option, in there, click on "Configure Global Security".
In Global Security Page, check the box "Enable Security", scroll down to "Access Control" and chose "Jenkins’ own user database" and select what users can do after login.

wso2 appm issue with ldap authentication when login on store or publisher

I'm trying to use wso2 APPM (vers 1.10.0) with an external ldap as authentication without real success.
I'll try to be as factual as possible to let it be testable:
I've unzip the wso2appm zip file under linux
I've setup the java_home var
I've start the wso2server.sh ==> no problem displayed in the log, at this step I must precise I'm using the default database of wso2.
Then logging to carbon gui, and adding a new userstore management setting up to a read-only external ldap.
after few seconds, the ldap users appears in the user list.
then selecting me in the list and adding the internal/store role.
opening the store url, and trying to login with the login / password of my user
Then having a message to inform me that the user has not the store profile.
If I log into carbon with my ldap user, it's working.
The same use case with the API looks fine to log into the store.
Any fix or ideas are welcome.
BR,
jfv
By the looks of it I suspect your issue is, the privileges are not set correctly for your ldap user store roles. Please make sure that you have assigned the internal/subscriber role to the relevant user in your permission tree. You can find more details about this at JIRA ticket [1]
[1] https://wso2.org/jira/browse/APPM-279
Cheers,
Pubudu
Hi and thank your for your answer,
first: I've checked this morning the solution you've proposed, and there is no change.
In a second time, I've tryied to add all privileges without more success
but if I create a new user manually, this one can login.
The following error in the log are shown when I try to login with an ldap user.
[2016-05-09 07:48:54,272] INFO - ReadOnlyLDAPUserStoreManager LDAP connection created successfully in read-only mode
[2016-05-09 07:48:54,283] INFO - UserStoreDeploymentManager Realm configuration of tenant:-1234 modified with /opt/wso2appm/repository/deployment/server/userstores/orange_com.xml
[2016-05-09 07:50:18,187] WARN - CarbonAuthenticationUtil Failed Administrator login attempt 'admin[-1234]' at [2016-05-09 07:50:18,187+0200]
[2016-05-09 07:50:18,189] WARN - AuthenticationHandler Illegal access attempt at [2016-05-09 07:50:18,0188] from IP address 10.199.210.37 while trying to authenticate access to service RemoteAuthorizationManagerService
[2016-05-09 07:50:18,189] ERROR - AUDIT_LOG Illegal access attempt at [2016-05-09 07:50:18,0188] from IP address 10.199.210.37 while trying to authenticate access to service RemoteAuthorizationManagerService
[2016-05-09 07:50:18,221] WARN - acs:jag User jaav7491 does not have permission to access the store application. Make sure the user has the store role.
the login is "jaav7491"
Thank you for your ideas,
BR,
jfv

Can't login to openfire administrator console. It always told me "make sure your username and password are correct"

I am new to OpenFire.
I have an OpenFire server on CentOS, but I'm unable to login to the admin console.
When I try, it always displays the following message:
"Make sure your username and password are correct and that you're an admin or moderator."
So far, I have tried the following:
Open openfire.xml
Reset setup by setting the setup parameter to 'false'
Restarting the OpenFire server
Accessing the admin console via browser
Select a DB to use. I selected my own database not the sample database for OpenFire.
When I tried to reset the password for admin, I was presented with the following OpenFire admin console (click to view) screen.
I can see changes in my database, but I'm still unable to log in.
I also tried modify the OfUser table directly, but I get the same result.
During the installation guide you must have setup your admin account to admin#XYZ and a password. Well at the time of the login use username as admin and password same as the one given at the time of installation.
After fresh installation, start the openfire setup in "root/administrator" account. Select all the required features in the installation. Give the password in the 'account' section carefully. After setup, you will be able to login with username as 'admin' and your selected password.