Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 10 Configuring User Authentication : Configuring Authentication

Configuring Authentication
This section explains how to select file-based authentication or LDAP-based authentication, and how to configure each authentication option. It assumes that the provided JAAS login module is used. See User Authentication Overview for more background information.
You can use a different authentication type and a different password file or LDAP settings for each TIBCO BusinessEvents product that uses authentication. You can actually do so for each engine (processing unit) configured for authentication, but this is not usually needed.
To Enable Authentication and Select File or LDAP Authentication Type
1.
For TIBCO BusinessEvents Monitoring and Management:
BE_HOME/mm/project/emonitor > MM.cdd > mm-class agent class > properties > mm > auth property group
ToBeMonitored_Project > project.cdd > Cluster properties > auth property group
For TIBCO BusinessEvents Decision Manager:
BE_HOME/rms/project/BRMS > RMS.cdd > Cluster properties > RMS property group
For TIBCO BusinessEvents Views:
Your_Project > project.cdd > dashboard-class agent > properties
2.
   be.auth.type=[file|ldap]
For MM authentication use the property:
   be.mm.auth.type=[file|ldap]
3.
For authentication, Active Directory requires the domain name, for example, abc@acme.com, and not distinguished name (which is used with Oracle Directory Server). If you are using Active Directory for authentication, ensure that the userPrincipalName attribute is set on AD server.
To Configure File-Based Authentication
This procedure continues the instructions in To Enable Authentication and Select File or LDAP Authentication Type.
1.
In the CDD file, add (or configure) the property be.auth.file.location and set the value to the location of your password file.
For MM authentication use the property: be.mm.auth.file.location
2.
3.
   Username:password:role,role,role;
Do not use spaces. For example here are some entries that might be used in TIBCO BusinessEvents Decision Manager:
   Mark:A31405D272B94E5D12E9A52A665D3BFE:BUSINESS_USER,APPROVER;
   James:21232f297a57a5a743894a0e4a801fc3:RULE_ADMINISTRATOR;
For MM authorization roles see Configure User Authorization for Administrator and User Roles

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved