Identifying the operator for Kerberos authentication services
Specify the operator mapping so that a Kerberos authentication service can find the requestor record in your repository and bring values back to Pega Platform.
- Open the service from the navigation panel in Dev Studio by clicking and choosing a service from the instance list, and then navigate to the Kerberos tab.
- If you are using LDAP, in the User principal name attribute field, enter the LDAP attribute name that is used for the User Principal Name on the LDAP server.
- On the Mapping tab, map the naming attributes in the directory
sever that correspond to the operator ID properties.
- Click the Add item icon, and add four attribute mapping rows.
- In the Property Name field, enter one of the following properties: .pyUserName, .pyOrganization, .pyOrgDivision, and .pyOrgUnit.
- In the Attribute Name field, enter the LDAP attribute that relates to the entered operator property.
-
On the
Custom
tab, in the
Source of operator
credentials
list, select where the operator credentials are
stored.
- Use credentials stored in PegaRULES – Only the users whose operator ID records do not have Use external authentication selected are allowed access through this service.
- Use externally stored credentials – Only the users whose operator ID records have Use external authentication selected are allowed access through this service.
- Click Save.
Previous topic Specifying the binding parameters for a Kerberos authentication service Next topic Configuring the challenge behavior for custom or Kerberos authentication services