Content Platform Engine, Version 5.2.1              

Configuring Content Platform Engine application server authentication (LDAP) settings

You must configure the authentication settings of the Content Platform Engine application server. These settings define the LDAP repository and search mechanism that the application server uses to authenticate a user who requests Content Platform Engine service.

Before you begin

Important: Be aware that the changes you make to directory service provider settings overwrite the global security settings in the application server where Content Platform Engine is to be deployed. Run the Configure LDAP task only if you need to change the security settings.

Be sure that you have available the Installation and Upgrade Worksheet that was completed during your planning activities.

If you plan to configure Content Platform Engine to use the directory server's email attribute or, for Active Directory, the userPrincipalName (UPN) to be the user short name used for login, then you must perform additional configuration steps and enter specific values for your LDAP settings. For detailed steps, see Configure Content Platform Engine to use email or UPN for login.

Restriction: (JBoss Application Server only) Do not use Configuration Manager to configure multiple LDAP realms.

For manual procedures to configure multiple realms for application server authentication, see Configure multiple realms.

Procedure

To configure the LDAP settings:

  1. Open your completed Installation and Upgrade Worksheet file.
    Tip: In the worksheet file, verify that the Data > Filter > AutoFilter command is enabled. To view only Configuration Manager values, filter by CM: Configure LDAP in the Installation or Configuration Program column.
  2. If your configuration profile is not open in Configuration Manager, open the profile.
  3. Enter property values for the LDAP provider:
    1. Right-click Configure LDAP in the profile pane, and select Edit Selected Task.
    2. Enter the property values for your LDAP provider, by referring to the values from your worksheet.
  4. Optional: (WebSphere® and WebLogic only) Click Test LDAP Connection to test the connection to the directory service provider by using the directory service bind user name, host name, port number, and password that you provided.
  5. Click Save to save your changes.
  6. Ensure that the task is enabled. When the task is disabled, the task name includes the text (disabled). To enable the task, select Configure LDAP (disabled) in the profile pane, and then either right-click and click Enable Selected Task from the menu, or click the Enable the Selected Task icon in the task toolbar.
  7. Apply the LDAP property settings by right-clicking Configure LDAP in the profile pane and selecting Run Task. Running the configuration task can take several minutes. The task execution status messages are displayed in the console pane below the LDAP properties.
  8. Close the Configure LDAP task pane.

Results

Oracle WebLogic Server only. When you run the Configure LDAP task, the weblogic.security.providers.authentication.DefaultAuthenticator.ControlFlag value is set to SUFFICIENT for authenticating users.
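
What the SUFFICIENT control flag means for a login attempt, shown as an added example that is not part of the original page or of the product's code. It models the standard JAAS control-flag rules for a provider chain. The second provider (ExampleLDAPAuthenticator), its SUFFICIENT flag, and the user names are assumptions constructed for illustration.

```python
# Added example: standard JAAS control-flag evaluation over a provider chain.
# "ExampleLDAPAuthenticator", its flag, and both user sets are constructed.

def authenticate(chain, user):
    """chain: ordered (provider, control_flag, known_users) tuples."""
    required_ok = True     # no REQUIRED/REQUISITE provider has failed yet
    saw_required = False   # a REQUIRED/REQUISITE provider is configured
    any_success = False    # some SUFFICIENT/OPTIONAL provider succeeded
    for _name, flag, users in chain:
        ok = user in users  # stand-in for the provider's credential check
        if flag in ("REQUIRED", "REQUISITE"):
            saw_required = True
            if not ok:
                required_ok = False
                if flag == "REQUISITE":
                    return False      # fails at once, chain stops
        elif flag == "SUFFICIENT":
            any_success = any_success or ok
            if ok and required_ok:
                return True           # succeeds at once, later providers skipped
        elif flag == "OPTIONAL":
            any_success = any_success or ok
        else:
            raise ValueError("unknown control flag: %r" % flag)
    if not required_ok:
        return False
    return True if saw_required else any_success

LOCAL_USERS = {"weblogic"}              # constructed: embedded-store account
DIRECTORY_USERS = {"p8admin", "alice"}  # constructed: directory accounts

def chain(default_flag):
    """Provider chain with the given DefaultAuthenticator control flag."""
    return [("DefaultAuthenticator", default_flag, LOCAL_USERS),
            ("ExampleLDAPAuthenticator", "SUFFICIENT", DIRECTORY_USERS)]

def outcomes(default_flag):
    """Login result per sample user for the given DefaultAuthenticator flag."""
    users = ("weblogic", "alice", "mallory")
    return {u: authenticate(chain(default_flag), u) for u in users}

if __name__ == "__main__":
    for flag in ("SUFFICIENT", "REQUIRED"):
        print(flag, outcomes(flag))
```

With SUFFICIENT on DefaultAuthenticator, an account in either store authenticates on its own, so accounts in the embedded store remain a valid login path and belong in any account review. With REQUIRED in that position, the directory-only user is rejected.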



Last updated: October 2015

© Copyright IBM Corporation 2013, 2015.