John creates a new security configuration to authenticate and authorize application users. John creates this security provider to test application-layer security before importing the package into the production environment.
- Click Security in the navigation pane, and
General in the administration pane, then click
New.
- In Create Security Configuration, name the security configuration AcmeAppSecurity, then click OK.
- In the navigation pane, expand the Security folder and
click the new security configuration node.
- In the administration pane, click the Authentication tab then click New to add a new LDAP security provider.
- Select com.sybase.security.ldap.LDAPLoginModule as the login
module.
- Configure the LDAP properties.
The
AuthenticationSearchBase and
RoleSearchBase properties ensure that only users and groups in the AcmeCorp organization unit are allowed access to Acme data.
| Property |
Value |
|---|
| BindDN
|
cn=Directory Manager |
| BindPassword
|
secret |
| AuthenticationSearchBase |
ou=AcmeCorp,ou=users,dc=example,dc=com
|
| DefaultSearchBase
|
dc=example,dc=com |
| ProviderURL
|
ldap://localhost:10389 |
| RoleMemberAttributes
|
uniquemember |
| RoleSearchBase |
ou=AcmeCorp,ou=groups,dc=example,dc=com
|
| AuthenticationScope
|
onelevel |
| ServerType |
openldap |
| RoleScope |
onelevel |
- Click OK.
- In the Authentication, Authorization, and Attribution tabs, delete NoSecLoginModule, NoSecAuthorizer, and NoSecAttributer, respectively.
- In the General tab, click Validate.
A confirmation message displays upon success.
- If the validation is successful, click Apply.
- Assign the security configuration to default domain so the security
configuration can be tested in the test environment.
- Expand the Domains folder, then click
Security.
- Click General tab, then click
Assign.
- Select AcmeAppSecurity.
- Click OK.