Authorizing a single LDAP group to have a role in IBM Integration Bus
Authorize a single LDAP group to have a role in IBM® Integration Bus by setting values for the ldapAuthorizeUrl property in the ldap.auth.yaml web administration server security configuration file.
Before you begin
About this task
The example described in this topic illustrates how to authorize a single LDAP group to have a
role in IBM Integration Bus. The example refers to an LDAP-authenticated user,
graham
, who is a member of a single group in LDAP, which has the distinguished name
(dn) cn=administrator,ou=groups,o=iib
, as shown in the following LDAP
configuration:
ObjectClass: Person
dn: cn=graham,ou=users,o=iib
cn: graham
ObjectClass: groupOfNames
dn: cn=administrator,ou=groups,o=iib
cn: administrator
Member: cn=graham,ou=users,o=iib
Member: cn=martin,ou=users,o=iib
Procedure
Results
graham
attempts to perform an action on
the integration node or integration server, a search will confirm that the LDAP distinguished name
cn=administrator,ou=groups,o=iib
is authorized to perform the role
adminRole
in IBM Integration Bus. The LDAP-authenticated user
graham
is a member of the LDAP group
cn=administrator,ou=groups,o=iib
so permission to perform the action is
granted.