Configuring BusinessConnect Container Editior/Auditsafe to use LDAP and Single-Sign-On (SSO)

Configuring BusinessConnect Container Editior/Auditsafe to use LDAP and Single-Sign-On (SSO)

book

Article ID: KB0070069

calendar_today

Updated On:

Products Versions
TIBCO BusinessConnect Container Edition 1.4.0 and above

Description

This article will describe how to configure BCCE/AuditSafe 1.4.0 and above to use SSO and LDAP with some common platforms:

Microsoft Azure Open ID Connect OIDC

Those 4 fields are required for the SSO OIDC configuration. The value cde6fa59-abb3-4971-be01-2443c417cbda is the Directory (tenant) ID.

TokenUrl: https://login.microsoftonline.com/cde6fa59-abb3-4971-be01-2443c417cbda/oauth2/v2.0/token

ClientId: 55e2829c-5ce5-4f60-8583-11d5d8d3a11e

AuthorizationUrl: https://login.microsoftonline.com/cde6fa59-abb3-4971-be01-2443c417cbda/oauth2/v2.0/authorize

ClientSecret: LAX8Q~w2z3ijQbzot-ba~8ewezJ1VZOx9B3vPcKH

OIDC standalone:

Those 4 fields are required for the SSO OIDC configuration.

TokenUrl: https://dev-egzhkltzt7p3uizi.us.auth0.com/oauth/token

ClientId: fQ9PK0x1G9NKTxpand715vxu1Id5McH9

AuthorizationUrl: https://dev-egzhkltzt7p3uizi.us.auth0.com/authorize

ClientSecret: 7rIU3_fZaGRLt55pDFiVyzhgJ6X3UpfqHawkWpAZwVMjRjFAc1gxHU8VbmN6ceFJ

LDAP

HostName :X.X.X.X (IP Address

Port :50000

BaseDN :CN=<first CN value>,CN=<next CN value>,DC=<first DC value>,DC=<second DC value>,DC=<third DC value>

Password :  <LDAP password>

BaseDN :<first CN value>,CN=<next CN value>,DC=<first DC value>,DC=<second DC value>,DC=<third DC value>

User Name Attribute: CN
 

Login information: <username>/<password

Configuration and Registering your App

On the Azure Enterprise applications https://entra.microsoft.com/#view/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/~/AppAppsPreview, you need to register a new App for your BCCE/AuditSafe to access. You need to enter the redirect URLs for BCCE and AuditSafe as below.

 

https://<machine-ip>:30000/sso/oidc/callback

https://<machine-ip>:31000/tas/sso/oidc/callback

 

Deployment on BCCE and AuditSafe

deployment.properties

# Enable https of servers for SSO redirect
# xx_https=[true|false]
ws_https=false
ws_redirect_url=<host_ip>:<ws_port>/tas/sso/oidc/callback

# keystore for https of web server

keystore_file=config/keystore.jks


as_https=false
as_redirect_url=<host_ip>:<as_port>/sso/oidc/callback

# public and private keys for https of admin server
certificate_file=config/certificate.pem
private_key_file=config/private_key.pem

 

 

Issue/Introduction

This article will cover the specific details to configure BusinessConnect Container Edition (BCCE).and AuditSafe (AS) to use LDAP and SSO

Environment

all platforms
Powered by Wolken Software