IBM E02HRLL-G Administration Guide - Page 81
LDAP support for logon authentication, Using LDAP
![]() |
View all IBM E02HRLL-G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 81 highlights
Chapter 7. LDAP support for logon authentication In addition to using WebSphere Partner Gateway partner registry for console authentication, WebSphere Partner Gateway supports Lightweight Directory Access Protocol (LDAP) container-based authentication that uses the WebSphere Application Server authentication mechanism. WebSphere Application Server supports 3 types of authentication: 1. LDAP registry 2. Local operating system registry 3. Custom registry WebSphere Partner Gateway uses WebSphere Application Server LDAP registry authentication. By enabling the container managed authentication in applications like WebSphere Partner Gateway which are deployed in WebSphere Application Server, the administrator can manage user authentication in a central location outside of the WebSphere Partner Gateway application. Using LDAP Use LDAP when Container based authentication is selected: v During installation. v By setting the attribute bcg.ldap.containerauth located in Console System Administration > Common Properties to True. Enabling the container managed authentication mechanism To enable the container managed authentication mechanism, set the bcg.ldap.containerauth property value to True in the WebSphere Partner Gateway console, then configure the WebSphere Application Server Global Security setting to use LDAP. After you have enabled the authentication, users are authenticated against the LDAP server when logging into WebSphere Partner Gateway. Note: When LDAP is enabled during the installation process, the administrator must ensure that the configured LDAP server is given a user named hubadmin, This is a valid logon user name for LDAP authentication regardless of whatever logon type is chosen. Enabling J2EE security About this task If you are enabling J2EE security in addition to WebSphere Application Server global security, create a policy file (for example: wpg.policy) for the Java Runtime Environment (JRE) granting the necessary security permissions. To add this file into the JRE, perform the following steps: 1. Make an entry in the java.security file residing in the WASND_ROOT/java/jre/ lib/security folder. The syntax for the new entry in the java.security file is: policy.url.3=file:///fully qualified path/wpg.policy 2. Restart all of the Java processes. © Copyright IBM Corp. 2007, 2008 75
![](/manual_guide/products/ibm-e02hrllg-administration-guide-f948001/81.png)