If a specific path is not specified, the Operating System default path is used. A single keytab can contain entries for several realms. property_name = value.

A realm configuration may be retained but disabled by removing it from this list.

A single keytab must be defined at the global level. The specified name of each realm must correspond with the realm-specific properties later in the file, in the format realm_name. Save the file as login.properties in the same directory.

A comma-separated list of realm names, representing active realm configurations.

Inetorgopenldap: OpenLDAP using inetOrgPerson style schemas
Inetorgoidldap: Oracle Internet Directory (OID)
EDQ provides the following built-in profiles:
The profile associated with an LDAP configuration provides information about the schema in the LDAP server that represents users and groups. Uncomment and edit the parameters that correspond with the LDAP server in the EDQ installation environment. This template contains sample settings that correspond to the different supported LDAP providers. Navigate to the security directory in the EDQ local configuration directory (oedq_local_home/security).

To configure direct integration with an LDAP server

The settings in this file override those in the login.properties file in the base configuration directory. To enable the integration, you use a template to create and configure a login.properties file in the local configuration directory. On an Apache Tomcat server, EDQ provides direct integration with LDAP servers, but it is not enabled by default.

Opss.xgmap = Administrators -> Administrators

2.3 Integrating LDAP Directly on Apache Tomcat

This procedure creates a local login.properties file to override the base login.properties file, and then adjusts the default Administrators group mapping in the new file.

Create a subdirectory called security in the local configuration directory (oedq_local_home/security).

Copy the login.properties file from the security directory of the base configuration directory (oedq_home/security) to oedq_local_home/security.

To adjust the default Administrators group mapping

See "To adjust the default Administrators group mapping" for instructions. Modify the default administrators group mapping. If the LDAP server does not contain a group with the name of Administrators, you can do either of the following:

Create a group named Administrators on the LDAP server, and then restart the server that manages EDQ in WebLogic Server.

Provided the WebLogic Server identity store or a configured LDAP server has a group with the name of Administrators, there is no need to adjust any of the settings in login.properties.
The default mapping ensures that a WebLogic Server Administrator can access the Administration application on the EDQ Launchpad to map other external groups on LDAP to the appropriate internal groups. This file is installed in the security directory of the base configuration directory (oedq_home/security).

A setting in login.properties specifies the default mapping of the LDAP administrators group to the EDQ administrators group.
The integration is controlled by a property in the login.properties file. EDQ users are managed by an OPSS identity store that is configured in WebLogic Server. In a default installation of EDQ on WebLogic Server, EDQ is integrated with Oracle Platform Security Services (OPSS) by default.

2.2 Integrating LDAP Using OPSS on a WebLogic Server