Hitachi

uCosminexus Application Server Security Management Guide

5.19.3 Example of setting the configuration file

This section gives an example of setting the user information that has the directory configuration as shown in the following figure.

Figure 5‒26: Example of user information directory configuration

[Figure]
Organization of this subsection

(1) Example of the jaas.conf settings

jaas.conf stores the user authentication information. Specify the login module name and the repository number specified in ua.conf (the LDAP directory server or RDB) in jaas.conf. The following figure shows an example of the jaas.conf settings.

Figure 5‒27: Example of the jaas.conf settings

[Figure]

To Page Top

(2) Example of the attribute list settings

The attribute list contains the user information that is obtained when the user is successfully authenticated (attribute name) and the alias is used to reference it. The following figure shows an example of the attribute list settings (c:\RealmA\config\AliasFile.csv (in Windows) or /tmp/RealmA/config/AliasFile.csv (in UNIX)).

Figure 5‒28: Example of setting the attribute list settings

[Figure]

Note that the attribute list can be directly specified within the program by using the AttributeEntry class without creating the file.

To Page Top

(3) Example of the ua.conf settings

ua.conf stores the repository access information (the LDAP directory server or RDB). The following figure shows an example of the ua.conf settings.

Figure 5‒29: Example of the ua.conf settings (in Windows)

[Figure]
Figure 5‒30: Example of the ua.conf settings (in UNIX)

[Figure]

The following figure shows an example of the authentication program coding.

Figure 5‒31: Example of the authentication program coding (in Windows)

[Figure]
Figure 5‒32: Example of the authentication program coding (in UNIX)

[Figure]

To Page Top

(4) Example of supporting single sign-on (when using the standard login module)

jaas.conf needs to be edited so that the user authentication library login module supports single sign-on. The following figure shows an example of supporting single sign-on (when using the standard login module).

Figure 5‒33: Example of supporting single sign-on (when using the standard login module)

[Figure]

To Page Top

(5) Example of supporting single sign-on (when using the custom login module)

jaas.conf and the authentication program coding must be edited so that the custom login module supports single sign-on. In addition, the custom login module definition item must be specified in ua.conf, which corresponds to the login module identifier ("Krb5" in the example). The following figure shows an example of supporting single sign-on (when using the custom login module).

Figure 5‒34: Example of supporting single sign-on (when using the custom login module)

[Figure]

To Page Top

Trademarks

All Rights Reserved. Copyright (C) 2022, Hitachi, Ltd.