You must configure the Content Platform Engine application server's
authentication settings. These settings define the LDAP repository
and search mechanism that the application server uses to authenticate
a user requesting Content Platform Engine service.
Before you begin
Important: Be aware that the changes you make
to directory service provider settings overwrite the global security
settings in the application server where Content Platform Engine is to be deployed.
Run the Configure LDAP task only if you need to change the security
settings.
Be sure that you have available the Installation
and Upgrade Worksheet that was completed during your planning activities.
If you plan to configure Content Platform Engine to use the directory
server's email attribute or, for Active Directory, the userPrincipalName
(UPN) to be the user short name used for login, then you must perform
additional configuration steps and enter specific values for your LDAP
settings. For detailed steps, see Configure Content Platform Engine to
use email or UPN for login.
Restriction: (JBoss Application Server only) Do not use Configuration
Manager to configure multiple LDAP realms. For manual procedures to
configure multiple realms for application server authentication, see
Configure multiple realms.
Procedure
To configure the LDAP settings:
- Open your completed Installation and Upgrade
Worksheet file.
Tip: In the worksheet file,
verify that the command is enabled.
To view only Configuration Manager values,
filter by CM: Configure LDAP in the Installation
or Configuration Program column.
- If your configuration profile is not open in Configuration Manager, open the profile.
- Enter property values for the LDAP provider:
  - Right-click Configure LDAP in the profile pane, and select Edit
    Selected Task.
  - Enter the property values for your LDAP provider, by referring to
    the values from your worksheet.
  - Optional: (WebSphere® and WebLogic only) Click Test LDAP Connection
    to test the connection to the directory service provider by using
    the directory service bind user name, host name, port number, and
    password that you provided.
  - Click Save to save your changes.
- Ensure that the task is enabled. When
the task is disabled, the task name includes the text (disabled).
To enable the task, select Configure LDAP (disabled) in
the profile pane, and then either right-click and click Enable
Selected Task from the menu, or click the Enable
the Selected Task icon in the task toolbar.
- Apply the LDAP property settings by right-clicking Configure
LDAP in the profile pane and selecting Run
Task. Running the configuration task can take
several minutes. The task execution status messages are displayed
in the console pane below the LDAP properties.
- Close the Configure LDAP task pane.
Results
Oracle WebLogic Server only.
When you run the Configure LDAP task, the weblogic.security.providers.authentication.DefaultAuthenticator.ControlFlag value
is set to SUFFICIENT for authenticating users.