Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 4 System Settings : User Authentication Configuration

User Authentication Configuration
This system settings window is used to add or remove the user authentication source for TIBCO BusinessConnect. These source types are:
Supported LDAP servers include Open LDAP, IBM Tivoli Directory Server LDAP, Microsoft Directory LDAP, Sun ONE LDAP.
The user authentication sources listed on the User Authentication Configuration page are ordered by priority. At run time, when an external user is to be authenticated by the system it will be authenticated against the source in the order from the top to bottom. However, when you manage the users on the BusinessConnect > User Management > Users page, only the source at the top is the target source of your management activities.
Adding an Authentication Source
1.
Click Add to add an authentication source.
2.
After the LDAP server or a BC Database are configured, they are displayed in the Source Alias list.
LDAP Server
When LDAP is selected, a window opens with the configuration fields described in Table 18:
Base DN: dc=na,dc=tibco,dc=com
User Search Filter: objectclass=person
It is good practice to use the value of cn for all the supported LDAP servers.
Note: Different LDAP servers have different User to Group or Role membership attributes. For example, specify the value of memberOf for the Open LDAP server or Microsoft Active Directory LDAP server, nsrolsedn for the Sun ONE LDAP server, and ibm-allGroups for the IBM Tivoli Directory Server.
Click Test Connection to verify whether the connection works.
See LDAP Configuration for more information about the LDAP Role BaseDN Attribute.
BC Database
The BC Database option is added by default when a user chooses it and it is then used as a source of user information.
Authentication Source Defaults
The added and configured authentication sources are displayed in the Source Alias list. The Priority column indicates the order in which TIBCO BusinessConnect will use the sources to authenticate external users. For example, if you add BC Database and then LDAP as authentication sources, BCDB (the BC Database alias) will be listed first in the Source Alias list with a Priority of 1; LDAP will be listed second in the Source Alias list with a Priority of 2. When authenticating external users, TIBCO BusinessConnect will use BCDB, the source with a Priority of 1, first. If authentication fails with that source, TIBCO BusinessConnect will retry the authentication using LDAP, the source with a Priority of 2.
You can use Move Up and Move Down in User Authentication Configuration to adjust the priority of an authentication source.
Removing the Configured LDAP Server or the BC Database
Click Remove to remove the configured LDAP server or a BC Database.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved