Monday, August 4, 2014

Apache Server Basic Authentication with Weblogic

In this article we will see how to configure basic Authentication in Apache server which will allow to ask for a user name and password.

1. Create a file in a location like myuser.txt. add the contents

This the user name and password combination

2. Now once the file is created we need to encrypt the password using using the htpasswd command like

[root@localhost conf]# htpasswd -b myuser.txt testuser testuser
Updating password for user testuser

Now check the file and we can see the encrypted password as
[root@localhost conf]# cat myuser.txt

3. Configure the httpd.conf file with the basic Authentication as

<Location />
SetHandler weblogic-handler
AuthUserFile /etc/httpd/conf/myuser.txt
AuthName "This is a Protected Area"
AuthType Basic
Require valid-user

<IfModule mod_weblogic.c>
WeblogicCluster localhost:17003,localhost:17004
#WebLogicCluster MS1:17003,MS2:17004
Debug ON
WLLogFile /tmp/wlproxy.log
WLTempDir /tmp
MatchExpression /*
DebugConfigInfo ON
KeepAliveSecs 15
DynamicServerList ON


The four parameters in the <Location> element are the one that allow apache to ask for a User Name and Password combination. Once the user name and password are provided the request is passed to the backed weblogic but we need to add a parameter in the weblogic config.xml. The parameter needs to be added Otherwise Weblogic Server will try to validate the BASIC authentication Header. The problem is that if there is some request to your application with "Authorization" header the request will be intercepted by Weblogic itself and will not be passed to your application. Weblogic will try to make authentication itself.

Happy learning, More to Come


  1. Hi

    So what is the parameter to add in the config.xml file on the weblogic side?

  2. Hi,
    Did you manage to find out out how to resolve AUTHTYPE Basic integration with Weblogic handler issues?

    Thanks, Edward