John creates a new security configuration to authenticate and authorize application users. John creates this security provider to test application-layer security before importing the package into the production environment.
- Click Security Configuration in the navigation pane, then in the administration pane, click New.
- In Create Security Configuration, name the security configuration AcmeAppSecurity, then click OK.
- In the navigation pane, expand the Security Configuration folder and click the new security configuration node.
- In the administration pane, click the Authentication tab then click New to add a new LDAP security provider.
- Configure the LDAP properties.
The
AuthenticationSearchBase and
RoleSearchBase properties ensure that only users and groups in the AcmeCorp organization unit are allowed access to Acme data.
Property |
Value |
BindDN
|
cn=Directory Manager |
BindPassword
|
secret |
AuthenticationSearchBase |
ou=AcmeCorp,ou=users,dc=example,dc=com
|
DefaultSearchBase
|
dc=example,dc=com |
ProviderURL
|
ldap://localhost:10389 |
RoleMemberAttributes
|
uniquemember |
RoleSearchBase |
ou=AcmeCorp,ou=groups,dc=example,dc=com
|
AuthenticationScope
|
one-level |
ServerType |
openldap |
RoleScope |
one-level |
- Click Save.
- In the Authentication, Authorization, and Attribution tabs, delete NoSecLoginModule, NoSecAuthorizer, and NoSecAttributer, respectively.
- In the General tab, click Validate.
A confirmation message displays upon success.
- If the validation is successful, click Apply.
- Assign the package to default domain so the package and the security configuration can be tested in the test environment.
- Expand the Domains folder, then click default.
- Click Security Configurations tab, then click Assign.
- Select AcmeAppSecurity.