Configuring LDAP Authentication - Advanced Design and Setup - Foundation 23.2 - Foundation 23.2 - Ready - Content Composer - external

Content Composer Advanced Design and Setup

Platform
Content Composer
Product
Advanced Design and Setup
Release
Foundation 23.2
License
This configuration option uses the LDAP server to authenticate and authorize.

The configuration file UserRepository_Ldap.config contains the LDAP server-specific settings. Modify this file before enabling LDAP authorization.

To configure LDAP authentication, complete the following steps.

  1. If required, maintain the user and role-attributes as well as the password and group assignments in LDAP.
  2. From the %Composerdir% directory, open Composer.Core.exe.config with a text editor that supports UTF-8.
  3. Search for the following lines.
    <behaviors>
      <serviceBehaviors>
         <behavior name="STSBehaviour">
    
  4. Within the <behavior name="STSBehaviour"> element, add the following <serviceCredentials> element.
    <behavior name="STSBehaviour">
             <serviceCredentials> 
                <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ModusSuite.Runtime.STS.LdapUserNamePasswordValidator, ModusSuite.Runtime.STSRuntimeService" /> 
             </serviceCredentials>
         </behavior>
  5. Save and close the file.
  6. From the %Composerdir% directory, open UserRepository.config with a text editor that supports UTF-8.
  7. Set the userStore attribute value to LDAP.
  8. Set the profileReadOption attribute value to either All, Role, None, or User.
  9. Save and close the file.
  10. Restart the Composer.Core service.
  11. To be able to enter the LDAP user name and password when launching Composer Studio and Composer Windows Client, use the CMD line parameter credentials:input.

    Example

    Composer.Studio.exe -credentials:input

    For more information, see Studio start parameters.

LDAP performs the user authentication and determination of user groups. The system determines the assignment of users to roles from LDAP. If required, the system reads the users and role profiles from LDAP.