Configuring LDAP for IBM Control Desk Service Portal

If your enterprise uses LDAP, configure IBM® Control Desk for Service Portal authentication.

1. Optional: Complete this step only if you use application server security, such as LDAP. There are 4 web.xml files that you might need to update:
   • <maximo>applications/maximo/maximouiweb/webmodule/WEB-INF/web.xml
   • <maximo>applications/maximo/maxrestweb/webmodule/WEB-INF/web.xml
   • <maximo>applications/maximo/mboweb/webmodule/WEB-INF/web.xml
   • <maximo>applications/maximo/meaweb/webmodule/WEB-INF/web.xml
   In your maximo root directory, ensure that 1 is specified for <env-entry-value> for the useAppServerSecurity name in the web.xml file. Make sure that the change is made for all four modules including maxrestweb, as shown in the following example.

   <env-entry>
       <description>Indicates whether to use Application Server security
           or not</description>
       <env-entry-name>useAppServerSecurity</env-entry-name>
       <env-entry-type>java.lang.String</env-entry-type>
       <env-entry-value>1</env-entry-value>    
   </env-entry>

2. In the maxrestweb web.xml and the maximouiweb web.xml files, ensure that you have a servlet, servlet-mapping, and security constraint entry for the oslc servlet, as shown in the following example.

   <servlet>
      <display-name>OSLC Servlet for Web App</display-name>
      <servlet-name>OSLCServlet</servlet-name>
      <servlet-class>com.ibm.tivoli.maximo.oslc.provider.MaximoOslcProviderServlet
          </servlet-class>
      <init-param>
          <param-name>char_encoding</param-name>
          <param-value>UTF-8</param-value>
      </init-param>
    </servlet>
   
    <servlet-mapping>
        <servlet-name>OSLCServlet</servlet-name>
        <url-pattern>/oslc/*</url-pattern>
    </servlet-mapping>
   
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>MAXIMO OSLC Provider</web-resource-name>
            <description>MAXIMO OSLC Provider Security</description>
            <url-pattern>/oslc/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>PUT</http-method>
            <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description>Roles that have access to MAXIMO OSLC</description>
            <role-name>maximouser</role-name>
        </auth-constraint>
        <user-data-constraint>
            <description>data transmission gaurantee</description>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

3. Optional: Complete this step only if you use application server security, such as LDAP. In the maxrestweb web.xml file, uncomment the constraint block for the rest servlet, as shown in the following example. To uncomment remove "<!-- " at the beginning of the code block and remove " -->" at the end of the code block.

   <!-- 
   <security-constraint>
      <web-resource-collection>
          <web-resource-name>REST Servlet for Web App</web-resource-name>
          <description>Object Structure Service Servlet (HTTP POST) 
              accessible by authorized users</description>
          <url-pattern>/rest/*</url-pattern>
          <http-method>GET</http-method>
          <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
          <description>Roles that have access to Object Structure 
             Service Servlet (HTTP POST)</description>
          <role-name>maximouser</role-name>
      </auth-constraint>
      <user-data-constraint>
          <description>data transmission gaurantee</description>
          <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
   </security-constraint>
   
       
   <login-config>
       <auth-method>BASIC</auth-method>
       <realm-name>REST Web Application Realm</realm-name>        
   </login-config>
    -->

4. Rebuild and redeploy the Maximo EAR file.
5. Restart the Maximo server.