Only LDAP can be used as a security provider for access control.
The relationships among the roles, resources, and actions are managed through the XML policy file. Use the CSI file to configure the server to use access control.
- Configure the security settings to use LDAP authentication.
- When editing the node's configuration file (for example, node1.xml), specify
the policy file as follows:
<Csi>
<Policy>policy.xml</Policy>
<File>csi_openldap.xml</File>
</Csi>
- Edit the csi_ldap.xml file as appropriate.
- Configure the roles, resources, and actions in the policy file.
When the client makes a login call, the security provider authenticates the user. When a user tries to perform an action on a resource, the server determines if the user's role grants access to the action and resource. If so, the user is authorized for the action for the resource. Otherwise, action is denied.