webMethods

webMethods

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to Library

Enabling LDAP basic authentication in CTP 

Fri September 24, 2021 03:25 AM

Here are the steps to enable LDAP authentication in Software AG Runtime (CTP).

  1. In ‘<SAG_HOME>/profiles/CTP/configuration/jaas.config’ file, add your LDAP settings in the beginning:
LdapRealm { 
com.softwareag.security.sin.is.ldap.lm.LDAPLoginModule required alias="name3"
logLevel="DEBUG" 
logFile="../../profiles/CTP/logs/sin.log" 
useLog="TRUE" 
url="<YourLdapServerUrl>" 
prin="CN=<YourUserName>,OU=User,DC=<YourLdapOrgKeys>"
cred="<YourLdapPassword>" 
useaf="false" usecaching="false" 
creategroups=true 
gidprop="SAMAccountName" 
uidprop="SAMAccountName" 
userrootdn="DC=<YourLdapOrgKeys>" 
grouprootdn="DC=<YourLdapOrgKeys>"; 
};
  1. In ‘<SAG_HOME>/profiles/CTP/configuration/tomcat/conf/server.xml’, next line after ‘Realm…’ add:
 <Realm className="com.softwareag.platform.catalina.auth.SINRealm" name="LdapRealm"/>
  1. In ‘<SAG_HOME>/profiles/CTP/configuration/tomcat/conf/web.xml’, near the end (just before ‘web-app’ closing element) add:
<security-constraint>
<web-resource-collection>
<web-resource-name>YourServiceName</web-resource-name>
<url-pattern>/services/YourServiceEndpoint/</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>LdapRealm</realm-name>
</login-config>
<security-role>
<role-name>*</role-name>
</security-role>

The tricky part is the ‘role-name’. The ‘*’ means any role.


#wss
#webMethods
#basic-auth
#ldap
#CTP

Statistics
0 Favorited
1 Views
0 Files
0 Shares
0 Downloads