Configuring Authentication and Authorization
To enforce enterprise authentication and authorization requirements in TIBCO FTL servers and services, complete this task.
Procedure
-
Select an authentication service.
Choose one of the following:
-
Configure user names, passwords, and authorization groups.
Configure user credentials either in a flat file, or in your enterprise LDAP, depending on your choice in step 1.For the file syntax of the internal authentication service, see "Using the Internal Flat-File Authentication Service" in TIBCO FTL Administration.
- Ensure that users who run FTL servers are in the authorization group ftl-internal.
- Ensure that administrators who configure the FTL realm definition are in the group ftl-admin.
- Ensure that users who run FTL application programs or FTL services are in the group ftl.
- Ensure that device users who run eFTL apps are in the appropriate publish and subscribe authorization groups.
- You may also configure other authorization groups to manage access within your enterprise.
-
Start the external authentication service.
- If you chose an external authentication service in step 1, start that service
before starting the FTL server processes.
To start the sample external JAAS service, complete the task "Using the External JAAS Authentication Service" in TIBCO FTL Administration.
- If you chose the internal flat-file authentication service in step 1, no further action is necessary, as that service starts automatically when you start the FTL server.
- If you chose an external authentication service in step 1, start that service
before starting the FTL server processes.
Copyright © Cloud Software Group, Inc. All rights reserved.