ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Protecting WebLogic 10 Applications with Web Agent via reverse proxy


Article ID: 51281


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



I am protecting WebLogic 10 Applications with Web Agent located on a separate Apache Reverse Proxy. Once I am logged in by SiteMinder, I get an error 401 unauthorized by Weblogic, and if I refresh the screen, I get prompted by Weblogic to authenticate.

How can I integrate both ? Do I need to use ASA Agent on Weblogic?


You can integrate both by disabling security on Weblogic 10 as setting this parameter:


to false as:


in config.xml file. Then, SiteMinder Web Agent on the Apache Reverse Proxy will protect and manage authentication and authorization for your Applications.

If you need finer use of Weblogic and activating the security on it, you can then delegate the Authorization process to Weblogic installing on it the ASA Agent for Weblogic.


Component: SMAPC