Wednesday, February 5, 2020

LDAP Implementation in Pega PRPC

LDAP Implementation with Simple Authentication:

In Pega PRPC, I tried LDAP authentication. I followed the same steps mentioned in the link below, in Personal Edition, for trial and learning purposes. It works without any changes.
https://community1.pega.com/community/product-support/question/how-cofigure-server-based-authentication-ldap

1) Install LDAP server:
Downloaded Apache Directory Studio and installed the server. 
https://directory.apache.org/studio/download/download-windows.html

Import some sample data by searching Google for a sample ".ldif" file, which is the format of the LDAP data. By default the LDAP port will be 389, 10389:
My LDAP URL is: ldap://localhost:10398

A sample of the data and its structure is given below:
dc=example, dc=com
ou=Management
cn=1(user1)
cn=2(user2)

2) Create an authentication service, named "TestLDAP1" in this example, and specify the AuthenticationTimeout and the Authentication Activity.
Then configure the search directory, filter criteria and parameter.

Then set the other attributes from LDAP which are required for Pega configuration and process identification.

Set the model operator from which a new operator ID is copied and created at first-time login.
If we updated the Model Operator ID, then we need to mention the access group in Unauthenticated AccessGroup; otherwise the default configuration is fine.

3) If the app server is Tomcat, then web.xml needs to be modified; otherwise modify the corresponding <<web app>>.xml for the app server on which Pega is deployed.

4) Update the web.xml file in the format below. In the AuthService parameter, mention the newly created authentication service name (in this example, TestLDAP1), so that when the URL below is used, it picks up the servlet name and the corresponding Auth Service.
http://localhost:9085/prweb/PRWebLDAP2

<servlet>
  <servlet-name>WebLDAP2</servlet-name>
  <display-name>WebLDAP2</display-name>
  <description>Authentication using LDAP (reserved for configuration wizard)</description>
  <servlet-class>com.pega.pegarules.internal.web.servlet.WebStandardBoot</servlet-class>
  <init-param>
    <param-name>PegaEtierClass</param-name>
    <!-- COMPONENTS: This was previously com.pega.pegarules.services.HttpAPI -->
    <param-value>com.pega.pegarules.session.internal.engineinterface.service.HttpAPI</param-value>
  </init-param>
  <init-param>
    <param-name>AuthenticationType</param-name>
    <param-value>PRCustom</param-value>
  </init-param>
  <init-param>
    <param-name>AuthService</param-name>
    <!-- Name of the authentication service created in step 2: TestLDAP1 -->
    <!--<param-value>WebLDAP2</param-value> -->
    <param-value>TestLDAP1</param-value>
  </init-param>
  <init-param>
    <param-name>RuntimeServletName</param-name>
    <param-value>PRWebLDAP2</param-value>
  </init-param>
  <init-param>
    <param-name>SecureServletName</param-name>
    <param-value>PRWebLDAP2Auth</param-value>
  </init-param>
</servlet>

5) Now open a new browser and enter the

Enter the user and password from the data you loaded through the sample.ldif file.

You can see the screen/portal which you are logging on to.
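
As an added example (not part of the original post and not Pega tooling), the Python script below checks a web.xml for the servlet entry from step 4: that the named servlet uses AuthenticationType PRCustom, that its AuthService matches the authentication service created in step 2, and that both servlet-name parameters are set. The function names and the trimmed sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the step 4 entry, trimmed and wrapped in <web-app> so it parses alone.
SAMPLE_WEB_XML = """<web-app><servlet>
  <servlet-name>WebLDAP2</servlet-name>
  <init-param><param-name>AuthenticationType</param-name><param-value>PRCustom</param-value></init-param>
  <init-param><param-name>AuthService</param-name><param-value>TestLDAP1</param-value></init-param>
  <init-param><param-name>RuntimeServletName</param-name><param-value>PRWebLDAP2</param-value></init-param>
  <init-param><param-name>SecureServletName</param-name><param-value>PRWebLDAP2Auth</param-value></init-param>
</servlet></web-app>"""

def children(elem, name):
    """Direct children with this tag name, ignoring any XML namespace prefix."""
    return [c for c in elem if c.tag.rsplit("}", 1)[-1] == name]

def text(elem):
    return (elem.text or "").strip()

def servlet_params(web_xml, servlet_name):
    """Return {param-name: param-value} for the named servlet, or None if absent."""
    root = ET.fromstring(web_xml)  # XML comments are dropped by the default parser
    for servlet in children(root, "servlet"):
        names = children(servlet, "servlet-name")
        if not names or text(names[0]) != servlet_name:
            continue
        params = {}
        for ip in children(servlet, "init-param"):
            n, v = children(ip, "param-name"), children(ip, "param-value")
            if len(n) == 1 and len(v) == 1:  # skip malformed entries
                params[text(n[0])] = text(v[0])
        return params
    return None

def check_ldap_servlet(web_xml, servlet_name, auth_service):
    """Return a list of problems; an empty list means the entry matches step 4."""
    params = servlet_params(web_xml, servlet_name)
    if params is None:
        return [f"servlet {servlet_name!r} not found"]
    problems = []
    if params.get("AuthenticationType") != "PRCustom":
        problems.append("AuthenticationType is not PRCustom")
    if params.get("AuthService") != auth_service:
        problems.append(f"AuthService is {params.get('AuthService')!r}, expected {auth_service!r}")
    for key in ("RuntimeServletName", "SecureServletName"):
        if not params.get(key):
            problems.append(f"{key} is missing or empty")
    return problems
```

To check a deployed file, pass its contents, for example `check_ldap_servlet(open("web.xml").read(), "WebLDAP2", "TestLDAP1")`; an empty list means the servlet entry matches.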

Please let us know if any other update is needed; we will update it, and it will be helpful for others as well.
