![]() |
Copyright © TIBCO Software Inc. All Rights Reserved |
See ldap_conn_type below.
• ldap:// creates a TCP connection.
• ldaps:// creates an SSL connection.If the startTLS LDAP extension is required, additional JNDI parameters may be specified through the JAAS configuration. Alternately, you can customize the JAAS module. See Custom JAAS Modules for more information.In most cases, only a certificate key store is required. For convenience, the tibems.ldap.truststore parameter can be used to specify the store. Please refer to Java documentation for additional information regarding the use of SSL.The ldap_user_class and ldap_static_group_class parameters are not necessary in the JAAS modules. LDAP class names are specified in the filters, as in the following examples:Please refer to the filter documentation to map various identifiers. For example, in converting the user filter, the EMS server LDAP parameter, %s maps to {1} in the JAAS filter. Many group searches should work with a filter similar to:
1. Set the jre_library parameter to enable the JVM.
3. Enable JAAS for LDAP authentication by modifying the user_auth parameter. Remove ldap from the list of authentication sources, and verify that jaas is present. For example:
4. Edit the provided com.tibco.tibems.tibemsd.security.jaas.LDAPGroupUserAuthentication module for your LDAP server configuration:
a.
5. Set the jaas_config_file to reference the JAAS module configuration file created in step 4 above. For example:Consider the following LDAP server configuration parameters in the EMS server configuration file, tibemsd.conf:
![]() |
Copyright © TIBCO Software Inc. All Rights Reserved |