IBM Sterling B2B: Authenticating to B2Bi via LDAP (without SEAS)

We will configure IBM Sterling B2Bi to authenticate against an LDAP/Microsoft Active Directory directory.

Important:


 * Sterling B2Bi must be able to connect to the LDAP server, i.e. the ports must be open in the firewall.
 * the Bind user must already exist on the LDAP Server
 * use the customer_overrides.properties.in file to prevent the changes from being overwritten when a Fix is applied

= Procedure =

Adding the properties to the file
Edit the customer_overrides.properties file and add:

    # LDAP Configuration 1 without SEAS - ldap.test.net
    authentication_policy.authentication_1.className=com.sterlingcommerce.woodstock.security.LDAPAuthentication
    authentication_policy.authentication_1.enabled=true
    authentication_policy.authentication_1.jndi_factory=com.sun.jndi.ldap.LdapCtxFactory
    # display name in B2Bi
    authentication_policy.authentication_1.display_name=ldap.test.net - OpenLDAP SB2BI
    authentication_policy.authentication_1.server=ldap.test.net
    authentication_policy.authentication_1.port=389
    authentication_policy.authentication_1.security_type=simple
    # bind user in LDAP tree
    authentication_policy.authentication_1.principle=cn=ldapadm,dc=test,dc=net
    authentication_policy.authentication_1.credentials=password
    authentication_policy.authentication_1.password_attribute=userPassword
    # base DN for the users
    authentication_policy.authentication_1.search_root=ou=People,dc=test,dc=net
    authentication_policy.authentication_1.search_filter=(uid= )
    authentication_policy.authentication_1.with_user_bind=true
    # to enable connection pool to LDAP
    authentication_policy.authentication_1.connect_pool=false
    authentication_policy.authentication_1.connect_pool_var=com.sun.jndi.ldap.connect.pool
    authentication_policy.authentication_1.connect_timeout=50000
    authentication_policy.authentication_1.connect_timeout_var=com.sun.jndi.ldap.connect.timeout
    # to enable SSL between B2Bi and LDAP
    # authentication_policy.LDAP_SECURITY_TRUSTSTORE=<>
    # authentication_policy.LDAP_SECURITY_TRUSTSTORE_PASSWORD=< >
    # authentication_policy.LDAP_SECURITY_KEYSTORE=<>
    # authentication_policy.LDAP_SECURITY_KEYSTORE_PASSWORD=< >

where:

Use the encrypt_string.sh/cmd utility to obscure the plain-text password.


 * authentication_policy.authentication_1.credentials=OBSCURED:rO0ABXQ...==
 * authentication_policy.authentication_1.LDAP_SECURITY_TRUSTSTORE_PASSWORD=OBSCURED:rO0ABXQ...==
 * authentication_policy.authentication_1.LDAP_SECURITY_KEYSTORE_PASSWORD=OBSCURED:rO0ABXQ...==
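
A check that can be run over customer_overrides.properties before the restart, added here as an example (it is not IBM's code or the original article's): it flags secrets without the OBSCURED: prefix, annotations left inside values, duplicate keys, and a simple bind on port 389 with no truststore set. The function names, the sample text and the rule that a missing truststore key means SSL is off are assumptions.

```python
import re

PREFIX = "authentication_policy.authentication_1."  # prefix used on this page

def parse_properties(text):
    """Parse key=value lines (the only form used here); return (props, duplicate_keys)."""
    props, dups = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":      # blank line or comment
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue
        key, value = key.strip(), value.strip()
        if key in props:
            dups.append(key)
        props[key] = value                   # last definition wins, as in java.util.Properties
    return props, dups

def audit(text):
    """Return human-readable findings for the LDAP authentication settings."""
    props, dups = parse_properties(text)
    findings = [f"duplicate key: {k}" for k in dups]
    for key, value in props.items():
        if "-->" in value:                   # an annotation pasted after the value becomes part of it
            findings.append(f"inline annotation inside value: {key}")
        # secrets should carry the OBSCURED: prefix written by encrypt_string.sh
        if re.search(r"(credentials|_PASSWORD)$", key) and not value.startswith("OBSCURED:"):
            findings.append(f"plain-text secret: {key}")
    # Heuristic (assumption): no truststore key means SSL to LDAP is not enabled.
    # An LDAP simple bind sends the bind password in clear unless the connection is encrypted.
    has_truststore = any(k.endswith("LDAP_SECURITY_TRUSTSTORE") for k in props)
    if (props.get(PREFIX + "security_type") == "simple"
            and props.get(PREFIX + "port") == "389" and not has_truststore):
        findings.append("simple bind on port 389 with no SSL truststore configured")
    return findings

# Constructed sample: settings pasted with an annotation, a clear password and a repeated key.
SAMPLE = """\
authentication_policy.authentication_1.server=ldap.test.net
authentication_policy.authentication_1.port=389
authentication_policy.authentication_1.security_type=simple
authentication_policy.authentication_1.principle=cn=ldapadm,dc=test,dc=net --> bind user
authentication_policy.authentication_1.credentials=password
authentication_policy.authentication_1.security_type=simple
# authentication_policy.LDAP_SECURITY_TRUSTSTORE=<>
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("WARN", finding)
```
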

Restart B2Bi so that your changes in the customer_overrides.properties file take effect on the authentication_policy.properties file.

    cd /bin
    ./hardstop.sh
    ./run.sh

Configuring the user account to authenticate against LDAP
Go to "User Accounts", change the user's authentication type to "External" and select the LDAP entry in the drop-down menu, as shown in the image below:



After creating the account, log out of the dashboard and log in with the user name and password from LDAP.


