How to setup external LDAP authorization using JAAS plugin feature in EMS 5.x?
Article ID: KB0087451
Updated On:
| Products | Versions |
|---|---|
| TIBCO Enterprise Message Service | - |
| Not Applicable | - |
Description
Resolution:
The sample program:LDAPSearchLoginModule.java is provided through TIBCOmmunity at http://www.tibcommunity.com/docs/DOC-1250.
To setup LDAP authorization using this sample program, you need to do followings:
1. Build the sample java program into a jar file, for example: jaas_ldap.jar
2. Create the JAAS configuration file: jaas_ldap.conf, for example:
============================================
EMSUserAuthentication {
com.tibco.example.LDAPSearchLoginModule required
ems_ldap.url="ldap://some_ldap_server:389"
ems_ldap.binding_name="cn=Administrator,cn=users,dc=test,dc=some_company,dc=com"
ems_ldap.binding_password="AdministratorPassword"
ems_ldap.user_base_dn="cn=users,dc=test,dc=some_company,dc=com"
ems_ldap.user_attribute="cn"
ems_ldap.scope="subtree"
ems_ldap.debug="enabled"
ems_ldap.retries="10"
ems_ldap.retry_delay="1000";
};
============================================
3. Modify the tibemsd-jaas.conf under {EMS_install_dir}/samples/security directory:
1). set jaas_config_file to jaas_ldap.conf.
2). set jaas_classpath to include jaas_ldap.jar
3). comment out the JACI prameters if you don't use JACI.
4). make sure jar_library is set to the correct JVM shared library installed on the machine.
Start EMS 5.x server with the configure file:tibemsd-jaas.conf and test external LDAP authorization.
The sample program:LDAPSearchLoginModule.java is provided through TIBCOmmunity at http://www.tibcommunity.com/docs/DOC-1250.
To setup LDAP authorization using this sample program, you need to do followings:
1. Build the sample java program into a jar file, for example: jaas_ldap.jar
2. Create the JAAS configuration file: jaas_ldap.conf, for example:
============================================
EMSUserAuthentication {
com.tibco.example.LDAPSearchLoginModule required
ems_ldap.url="ldap://some_ldap_server:389"
ems_ldap.binding_name="cn=Administrator,cn=users,dc=test,dc=some_company,dc=com"
ems_ldap.binding_password="AdministratorPassword"
ems_ldap.user_base_dn="cn=users,dc=test,dc=some_company,dc=com"
ems_ldap.user_attribute="cn"
ems_ldap.scope="subtree"
ems_ldap.debug="enabled"
ems_ldap.retries="10"
ems_ldap.retry_delay="1000";
};
============================================
3. Modify the tibemsd-jaas.conf under {EMS_install_dir}/samples/security directory:
1). set jaas_config_file to jaas_ldap.conf.
2). set jaas_classpath to include jaas_ldap.jar
3). comment out the JACI prameters if you don't use JACI.
4). make sure jar_library is set to the correct JVM shared library installed on the machine.
Start EMS 5.x server with the configure file:tibemsd-jaas.conf and test external LDAP authorization.
Issue/Introduction
How to setup external LDAP authorization using JAAS plugin feature in EMS 5.x?
Attachments
Feedback
Yes
No
Powered by
