Configuring CSI Security for Unwired Server

When you first install the Deployment option, the Unwired Server and Sybase Unified Agent initially have no security. Use Sybase Control Center to configure CSI Security for the Unwired Server using your security servers.

Initially, you can log in with any credentials so that you can configure security for Sybase Control Center and Unwired Platform. An LDAP browser can provide helpful information about your LDAP server and expedite the configuration process.

  1. Start Sybase Control Center.
  2. For the Unwired Server, log in with any credentials.
  3. In the Authentication tab, click New to add a new LDAP login module.
  4. Add the additional provider details.
  5. In the Authorization tab, add the com.sybase.security.ldap.LDAPAuthorizer and com.sybase.security.core.RoleCheckAuthorizer modules.
  6. In the General tab, click Apply to save changes.
  7. Exit Sybase Control Center.
  8. Increase the logging level to test the new security changes.
    1. Open <install_dir>Servers\UnwiredServer\config\logging.properties.
    2. Set java.util.logging.FileHandler.limit = 5000000.
    3. Set java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter.
    4. Send ConsoleHandler output to ml.log.
    5. Set com.sybase.security.level = FINEST.

      Output goes to \logs\java0.log.

    6. Save the file.
  9. Stop and restart Unwired Server.
  10. Start Sybase Control Center and log in as a valid user.
  11. View the java0.log file to make sure:
    • The LDAP provider is being called.
    • Sybase Control Center connected to the LDAP server.
    • The DefaultSearchBase was able to resolve the login to the full DN in the organizational structure
    • Authentification succeeded.
  12. Perform role-mapping to map the SUP Admininstrator role to a correspondng role on your LDAP server.
    1. Stop Unwired Server.
    2. Open <install_dir>Servers\UnwiredServer\tomcat\conf\CSI\UEPRoleMapping.xml.
    3. Edit the <DefaultMapping>element to map an existing LDAP group to the SUP Administrator role. 
      <DefaultMapping>
<LogicalName>SUP Administrator</LogicalName>
<MappedName>Admin</MappedName>
</DefaultMapping>

      Select an existing group whose members would perform administrative tasks for Sybase Unwired Platform. If necessary, create an appropriate group, add users to it, and then map it the SUP Administrator logical role.

    4. Save the XML file and restart Unwired Server.
  13. Start Sybase Control Center and log in.
  14. In the Authentication tab, delete com.sybase.security.core.NoSecLoginModule.
  15. In the General tab, click Apply.
  16. Restart Unwired Server.
  17. Log in to Sybase Control Center to verify security is set.
Parent topic: Configuring an LDAP Provider
Related concepts
Configuring an LDAP Provider for Sybase Control Center
Configuring an LDAP Provider for Unwired Server
Sharing an LDAP Repository Between Afaria and Unwired Server

Created September 17, 2009. Send feedback on this help topic to Sybase Technical Publications: pubs@sybase.com