Configuring LDAP Authenticator for Service Group

This topic describes the procedure for configuring the LDAP Authenticator for a service group.

Before you begin this task:
You must have the system administrator or organizational administrator role to perform this task.


This configuration must be done for every group that will handle SOAP requests that use the WS-Security user token profile against an Active Directory. The LDAPAuthenticator is an implementation of the Authenticator that provides authentication against LDAP directories, for example Active Directory or ADAM. The authenticate Web service operation is used to create a connection to an Active Directory; this checks whether the user name and password combination is valid. For more information on configuring an Active Directory to work with Cordys, refer to Configuring an Active Directory.

  1. On CUSP > My Applications, click (LDAP Explorer). The LDAP Explorer window appears.
  2. Navigate to cordys > <organization> <soap nodes> and select the service group that should have the LDAP authenticator configured. The service group details are displayed.
  3. Click the button in the bussoapnodeconfiguration row. The String (xml) - Edit XML for string window appears.
  4. Add the authenticator node by copying the following text inside the <configuration> tag.
    <authenticator implementation="com.eibus.security.authentication.LDAPAuthenticator">
        <bus.authenticator.ldap.host>mdc-nl-ntdom0.vanenburg.com</bus.authenticator.ldap.host>
        <bus.authenticator.ldap.port>3268</bus.authenticator.ldap.port>
        <bus.authenticator.ldap.ssl>false</bus.authenticator.ldap.ssl>
        <bus.authenticator.ldap.bind>NTDOM\{0}</bus.authenticator.ldap.bind>
    </authenticator>
    


    Note:
    To use it for SSO, it only needs to be changed for the SSO Processor. The bind property is a template that is used for binding to LDAP. All '{0}' occurrences are replaced by the user name. All properties need to be defined. If the bus.authenticator properties are not defined in the authenticator tag, they default to the settings in wcp.properties. An example of the properties that can be added to the wcp.properties file is:

    # Replace cnd1123 with your LDAP host name.
    bus.authenticator.ldap.host=cnd1123
    bus.authenticator.ldap.port=6366
    bus.authenticator.ldap.ssl=true
    bus.authenticator.ldap.bind=cn\={0},cn\=authenticated users,cn\=cordys,o\=vanenburg.com
    
  5. Change the authenticator node if you want to use another validator.
  6. Click to save your changes.
  7. Restart the service. To do this:
    1. On CUSP > My Applications, click (System Resource Manager). The System Resource Manager window appears.
    2. Right-click <service container> and click Restart.
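
The settings from step 4 can be checked before the restart in step 7. The following Python check is an added example, not Cordys code: it reads the `<authenticator>` node and a wcp.properties fragment, resolves the effective value of each property, and reports properties that are undefined, `ssl` not set to true, and a bind template without `{0}`. The sample inputs are constructed; the function names and the per-property fallback to wcp.properties are assumptions.

```python
import re
import xml.etree.ElementTree as ET

PREFIX = "bus.authenticator.ldap."
KEYS = ("host", "port", "ssl", "bind")

# Constructed inputs modelled on this topic's snippets; host names are placeholders.
SAMPLE_XML = """<configuration>
  <authenticator implementation="com.eibus.security.authentication.LDAPAuthenticator">
    <bus.authenticator.ldap.host>dc.example.test</bus.authenticator.ldap.host>
    <bus.authenticator.ldap.ssl>false</bus.authenticator.ldap.ssl>
  </authenticator>
</configuration>"""
SAMPLE_PROPS = r"""# constructed wcp.properties fragment
bus.authenticator.ldap.host=ldap.example.test
bus.authenticator.ldap.ssl=true
bus.authenticator.ldap.bind=cn\={0},cn\=authenticated users,cn\=cordys,o\=example.test
"""

def parse_properties(text):
    """Minimal .properties reader: skips comments, splits on the first unescaped '='."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        parts = re.split(r"(?<!\\)=", line, maxsplit=1)
        if line[:1] not in ("", "#", "!") and len(parts) == 2:
            key, value = (re.sub(r"\\(.)", r"\1", p.strip()) for p in parts)
            props[key] = value
    return props

def effective_settings(config_xml, wcp_text):
    """Value per key from the <authenticator> node, else wcp.properties (assumed per-key fallback)."""
    node = ET.fromstring(config_xml).find("authenticator")
    in_xml = {c.tag: (c.text or "").strip() for c in node} if node is not None else {}
    merged = {**parse_properties(wcp_text), **in_xml}
    return {key: merged.get(PREFIX + key) for key in KEYS}

def review(settings):
    """Findings to resolve before the service container is restarted."""
    findings = [f"{k}: not defined in the node or in wcp.properties"
                for k, v in settings.items() if v is None]
    if (settings["ssl"] or "").lower() != "true":
        findings.append("ssl: not 'true', so the connection carrying the password is not SSL-protected")
    bind = settings["bind"]
    if bind is not None and "{0}" not in bind:
        findings.append("bind: template has no {0} placeholder for the user name")
    return findings

if __name__ == "__main__":
    print(*review(effective_settings(SAMPLE_XML, SAMPLE_PROPS)), sep="\n")
```

On the constructed sample this reports the missing port and the `ssl` value of false, while the bind template is taken from wcp.properties with its `\=` escapes removed.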