Configuring TDV as the Client
If you are creating a new REST, SOAP, WSDL, or XML/HTTP data source that needs to use NTLM authentication, follow these steps.
To implement NTLM authentication where TDV is the client
1. Install the latest version and patches for TDV.
2. To verify that the necessary libraries and files have been installed, make sure that Common_WindowsSSPI_JNI.dll exists in one of the following directories:
<TDV_install_dir>\apps\server\lib\win64
<TDV_install_dir>\apps\common\lib\win64
3. Configure an LDAP domain.
a. Open Manager in your Web browser.
b. Choose SECURITY > Domain Management to open the DOMAIN MANAGEMENT page.
c. Add a new LDAP domain that specifies an LDAP domain and password.
d. Add the groups and users to the new LDAP domain who need to consume resources using NTLM authentication.
4. Using Studio, set the NTLM authentication configuration parameters:
a. Choose Administration > Configuration to access the TDV Configuration window.
b. Expand the TDV Server > Configuration > Security > Authentication configuration parameters:.
c. Change parameters as shown in the table.
Parameter | Description of Change to Make |
Allow NTLM Authentication | Change this value to True. |
Tolerate Unused HTTP Authentication Schemes | Keep the default: WARN. (Valid values are WARN, IGNORE, ERROR.) |
Windows Domain Mapping | Enter a key-value pair that maps the Windows domain of an authenticated user to the name of the corresponding external domain as it is defined in the TDV Server (the name of the LDAP domain you created). The values entered are case-sensitive. |
5. Create a new Web service for the REST, SOAP, WSDL, or XML/HTTP data source and publish a resource to the new Web service.
For information about publishing Web resources, see information on publishing in the TDV User Guide.
6. For a REST Web service, follow these steps:
a. Open the REST TDV Web service that you want to configure for NTLM authentication.
b. Select the REST tab.
c. Set these Service properties to configure for NTLM:
— Enabled: true
— Enable HTTP NTLM: true
7. For a SOAP or WSDL TDV Web service, follow these steps:
a. Open the SOAP or WSDL TDV Web service that you want to configure for NTLM authentication.
b. Select the SOAP tab.
c. Set these properties to configure for NTLM:
— Enabled: true
— Security Policy: /policy/security/system/Http-NTLM-Authentication.xml
8. In Studio, create a new REST, SOAP, WSDL, or XML/HTTP data source, specifying the following parameters on the Basic tab:
REST connection parameters:
Connection Type | Parameters to Specify |
REST | Base URL: URL to access this REST data source using the syntax: Login: <LDAP login for this domain> Password: <LDAP password for this domain> Pass-through Login: Disabled Authentication: NTLM Domain: <LDAP domain name> Method: For the XML/HTTP protocol, under Operations, the specification for HTTP Verb must be POST or GET. |
REST example:
SOAP connection parameters:
Connection Type | Parameters to Specify |
SOAP | URL: <URL to access this SOAP data source> Login: <LDAP login for this domain> Password: <LDAP password for this domain> Pass-through Login: Disabled Authentication: NTLM Domain: <LDAP domain name> |
SOAP example:
WSDL connection parameters:
Connection Type | Parameters to Specify |
WSDL Connection Information | URL: <URL to access this WSDL> Login: <LDAP login for this domain> Password: <LDAP password for this domain> Pass-through Login: Disabled Authentication: NTLM Domain: <LDAP domain name> |
WSDL example:
XML/HTTP connection parameters:
Connection Type | Parameters to Specify |
XML/HTTP Connection Information | URL: <URL to access this WSDL> Login: <LDAP login for this domain> Password: <LDAP password for this domain> Pass-through Login: Disabled Authentication: NTLM Domain: <LDAP domain name> Method: For the XML/HTTP protocol, under Operations, the specification for HTTP Verb must be POST or GET. |
XML/HTTP example:
9. Verify that the connection works:
a. Introspect the REST, SOAP, or WSDL data source.
b. Open the Web service operation and run it.
