John creates a new security configuration that defines production-ready security providers for ABC to prepare the domain for eventual package deployment.
The package uses a security provider created exclusively for ABC's domain. These security providers are configured against ABC's own repository so only ABC users are the ones authenticated in a production deployment of the package.
- Log into Sybase Control Center with the user credentials of
John/John.
- Click
Security
in the navigation pane,
select the
General tab in the administration pane, and click
New.
- In Create Security Configuration, name the
security configuration ABCAppSecurity, then click
OK.
- In the navigation pane, expand the
Security
folder and click the new security configuration node.
- In the administration pane, click the
Authentication tab then click New to
add a new LDAP security provider.
- Select com.sybase.security.ldap.LDAPLoginModule as the login
module.
- Configure the LDAP properties.
The
AuthenticationSearchBase and
RoleSearchBase properties ensure that only users and groups
in the ABCCompany organization unit are allowed access to ABC data.
Property |
Value |
BindDN
|
cn=Directory
Manager |
ControlFlag |
required |
BindPassword
|
secret |
AuthenticationSearchBase |
ou=ABCCompany,ou=users,dc=example,dc=com
|
DefaultSearchBase
|
dc=example,dc=com |
ProviderURL
|
ldap://localhost:10389 |
RoleMemberAttributes
|
uniquemember |
RoleSearchBase |
ou=ABCCompany,ou=groups,dc=example,dc=com
|
AuthenticationScope
|
onelevel |
ServerType |
openldap |
RoleScope |
onelevel |
- Click
OK.
- In the Authentication,
Authorization, and Attribution tabs,
delete NoSecLoginModule,
NoSecAuthorizer, and
NoSecAttributer, respectively.
- In the General tab, click
Validate.
A confirmation message is displayed upon success.
- If the validation is successful, click
Apply.