IBM InfoSphere Streams Version 4.1.0

InfoSphere Streams login modules

InfoSphere® Streams provides built-in login modules for customizing PAM, LDAP, and X.509 certificate authentication.

PAM authentication

Module class: com.ibm.streams.security.authc.module.PAMLoginModule
Module option:
service
The PAM authentication service name.

LDAP authentication

Module class: com.ibm.streams.security.authc.module.LDAPLoginModule
Module options:
serverUrl
LDAP server URL. This URL includes the host name and port number of the LDAP server, for example, ldap://ldap1.ibm.com:389.
userDnPattern
User DN Pattern. This pattern is used to create a distinguished name (DN) for a user during login, for example:
  • cn=*,ou=people,dc=ibm,dc=com, which is valid for any LDAP server type.
  • ADDOMAINNAME\\\*, which is valid for Windows Active Directory only.
When the user logs in, the user ID is substituted for the asterisk (*) in the pattern.
groupObjectClass
LDAP group object class that is used to search for group names.
groupSearchBaseDn
LDAP base DN that is used to search for groups.
groupAttributeWithUserNames
LDAP name of the element in the group record that contains the list of members in the group.
userAttributeStoredInGroupAttribute
LDAP name of the element in a user record that is stored in the group record.
userSecondaryLookup
LDAP user secondary lookup query that InfoSphere Streams uses to find the LDAP user name from the specified user ID, for example: "(&(objectclass=ibmperson)(notesshortname=*)) uid".

X.509 certificate authentication

Module class: com.ibm.streams.security.authc.module.X509CertLoginModule

Module options: None

Parent topic: Setting up login module authentication for InfoSphere Streams users