Chapter 7. Ldap Support For Logon Authentication; Using Ldap; Enabling The Container Managed Authentication Mechanism; Enabling J2Ee Security - IBM E02HRLL-G - WebSphere Partner Gateway Express Administration Manual

Chapter 7. LDAP support for logon authentication

In addition to using WebSphere Partner Gateway partner registry for console
authentication, WebSphere Partner Gateway supports Lightweight Directory Access
Protocol (LDAP) container-based authentication that uses the WebSphere
Application Server authentication mechanism. WebSphere Application Server
supports 3 types of authentication:
1. LDAP registry
2. Local operating system registry
3. Custom registry
WebSphere Partner Gateway uses WebSphere Application Server LDAP registry
authentication. By enabling the container managed authentication in applications
like WebSphere Partner Gateway which are deployed in WebSphere Application
Server, the administrator can manage user authentication in a central location
outside of the WebSphere Partner Gateway application.

Using LDAP

Use LDAP when Container based authentication is selected:
v During installation.
v By setting the attribute bcg.ldap.containerauth located in Console System

Enabling the container managed authentication mechanism

To enable the container managed authentication mechanism, set the
bcg.ldap.containerauth property value to True in the WebSphere Partner Gateway
console, then configure the WebSphere Application Server Global Security setting
to use LDAP. After you have enabled the authentication, users are authenticated
against the LDAP server when logging into WebSphere Partner Gateway.
Note: When LDAP is enabled during the installation process, the administrator
must ensure that the configured LDAP server is given a user named hubadmin,
This is a valid logon user name for LDAP authentication regardless of whatever
logon type is chosen.

Enabling J2EE security

About this task
If you are enabling J2EE security in addition to WebSphere Application Server
global security, create a policy file (for example: wpg.policy) for the Java Runtime
Environment (JRE) granting the necessary security permissions. To add this file
into the JRE, perform the following steps:
1. Make an entry in the java.security file residing in the WASND_ROOT/java/jre/
2. Restart all of the Java processes.
© Copyright IBM Corp. 2007, 2008
Administration > Common Properties to True.
lib/security folder.
The syntax for the new entry in the java.security file is:
policy.url.3=file:///fully qualified path/wpg.policy
75