Specifying the binding parameters for a custom authentication service
Specify the binding parameters so that a custom authentication service can authenticate new requestors by accessing your repository.
- Open the service from the navigation panel in Dev Studio by clicking and choosing a service from the instance list, and then navigate to the Service tab.
-
In the
Authentication activity
field, press the Down Arrow key
and select the
AuthenticationLDAP
activity.
The activity must have Code-Security as the Applies To key part.
- In the Initial context factory field, enter the Java class name of the JNDI initial context factory to use to connect to the directory server, for example, com.sun.jndi.ldap.LdapCtxFactory.
-
In the
Directory
field, enter an explicit URL or a JNDI entry
which represents a directory located on the LDAP server. This approach enables you to
relocate servers without having to reconfigure the application.
For an explicit URL, use the following format: ldap[s]://[ servername ]:[ portnumber ] .For a JNDI entry, the syntax is dependent upon the server environment.
- In the Trust store field, press the Down Arrow key and select the truststore record that contains the server certificates.
- In the Bind distinguished name field, enter the credentials of the bind user who is allowed to search the directory tree for the credentials of a user who is attempting to log in. The standard LDAP authentication activities authenticate with the directory server as this user so it can then search the directory for users.
- Click Update Bind Password to enter a password for the bind user.
- In the Directory context field, enter the directory context that defines the branch in the Directory Information Tree (DIT) that holds information about the users who can be authenticated by this authentication server, for example, OU=people, DC=yourco, DC=com.
- Click Save.
- Click Test connectivity to check the connectivity to server and verify that the entered configuration JNDI binding parameters are correct.
Previous topic Configuring custom or Kerberos login authentication Next topic Identifying the operator for custom authentication services