+

Search Tips   |   Advanced Search

Configure LDAP authentication (WebSphere Application Server V8.x) - Application Center

Define users who can access the Application Center console and users who can log in to the client. We can configure LDAP based on the federated repository configuration only. This procedure shows you how to use LDAP to define the roles appcenteradmin and appcenteruser in WebSphere Application Server V8.x.

  1. Log in to the WebSphere Application Server console and go to...

      Security | Global security

    Verify that administrative security and application security are enabled.

  2. Go to...

      User account repository | Federated repositories | Configure

  3. Add a new repository and configure the required repository.

    Click...

      Add Base entry to Realm

    ...and specify the value of...

      Distinguished name of a base entry that uniquely identifies entries in the realm

  4. Click...

      Add Repository | LDAP Repository

  5. Give this repository a name and enter the values required to connect to the LDAP server.

  6. Under Additional Properties, click...

      LDAP entity types

  7. Configure the Group, OrgContainer, and PersonAccount properties.

  8. Save the configuration, log out, and restart the server.

  9. In the WebSphere Application Server console, map the security roles to users and groups.

    1. In the Configuration tab, select...

        Applications | WebSphere Enterprise applications | IBM_Application_Center_Services | Configuration tab | Details | Security role to user/group mapping

    2. For appcenteradmin and appcenteruser roles, select Map groups.

      This selection enables you to select users and groups inside the WebSphere user repository, including LDAP users and groups. The selected users can access the Application Center as appcenteradmin or appcenteruser. We can also map the roles to Special Subjects "All authenticated in application realm" to give everyone in the WebSphere user repository, including everyone registered in the LDAP registry, access to the Application Center.

  10. Repeat the procedure for IBM_Application_Center_Console. This time, selecting "IBM_Application_Center_Console instead of "IBM_Application_Center_Services".

  11. Click Save to save the changes.


What to do next

We must enable ACL management with LDAP. See Configure LDAP ACL management (WebSphere Application Server V8.x).


Parent topic: LDAP with WAS v8.x