External authenticator

For the activation of LDAP, an external authenticator module class name must be set in the section with the configuration name:

• userlib

This can be achieved by a SOAP request like the following:

<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
               xmlns:ns="http://www.tsystems.com/ima9/integrationws/messaging/201101">
  <soap:Header>
    <user:user xmlns:user="http://www.tsystems.com/ima/9.0/integrationws/header/user">powerUser</user:user>
    <role:role xmlns:role="http://www.tsystems.com/ima/9.0/integrationws/header/roles">powerUser</role:role>
  </soap:Header>
  <soap:Body>
    <ns:createDocument>
      <revision>
        <documentType name="_COMMONS_CONFIGURATION"/>
        <metadata>
          <attribute name="_COMMONS_CONFIGURATION_CONFIGURATION_NAME">userlib</attribute>
          <attribute name="_COMMONS_CONFIGURATION_CONFIGURATION"><![CDATA[<?xml version="1.0"
encoding="utf-8"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
<comment>userlib configuration</comment>
<entry key="authModule">MODULE_CLASSNAME</entry>
<entry key="loginDelay.dynamicLength">true</entry>
<entry key="loginDelay.maxDynamicLength">-1</entry>
<entry key="identityStore">STORE_CLASSNAME</entry>
</properties>
]]></attribute>
        </metadata>
        <contents/>
      </revision>
    </ns:createDocument>
  </soap:Body>
</soap:Envelope>

Properties

The following property keys are supported:

• authModule: internal class name of an authentication module

  The “loginDelay” settings are enabled for any ImageMaster supported external authentication modules such as LDAP/ActiveDirectory or RADIUS. The login delay is triggered if a user does not exist.

• identityStore: optional property – internal class name of an identity store that can be used additionally to retrieve user data from a separate source

For related details see General configuration and behavior.