5 Replies Latest reply: Jul 31, 2012 1:26 AM by Ayax Morales RSS

How to configure a LDAP server as a security provider in SUP 2.0.1???

Daniel Montero
Currently Being Moderated

Hi, all

 

I need connect a LDAP server as security provider.

 

The computer where Sybase Unwired Platform is installed have visibility to the computer where LDAP server is installed.

 

I´m working with SUP 2.0.1.

 

I follow next steps:

 

First I configure csi.properties with my LDAP properties. I follow this tutorial:

 

Configuring a Security Provider for Sybase Control Center

 

 

After, i configure roles-map.xml:

 

Setting Up Provider Roles in Sybase Control Center

 

I change "SUP Administrator" and "SUP Domain Administrator" to "GROUP1" and "GROUP2". GROUP1 and GROUP2 are the user groups in LDAP.

 

Finally, i configure admin security:

 

Setting Up the Admin Security Configuration

 

 

Now i try login on sybase control center using a LDAP user but nothing happen.

 

Any idea? Thanks!

 

Regards, Dani.

 

Edited by: DMontero on Dec 22, 2011 2:32 PM

 

  • Re: How to configure a LDAP server as a security provider in SUP 2.0.1???
    Daniel Montero
    Currently Being Moderated

    I get authentication but i get other read access error. The log say that:

     

    2011-12-23 15:03:01,431 [INFO ] [19399677@qtp-31085410-6] com.sybase.scc.uaf.adapter.UAFLoginCommand.doAuthentication(?) - FlexSession: 186t2z49ziu3z -- Authenticating user Test1Sap

    2011-12-23 15:03:01,715 [INFO ] [RMI TCP Connection(82)-127.0.0.1] com.sybase.ua.services.security.ldap.LDAPLoginModule.login(?) - Authentication succeeded using: LDAP Login Module

    2011-12-23 15:03:02,291 [INFO ] [RMI TCP Connection(82)-127.0.0.1] com.sybase.ua.services.security.SecurityService.createSession(?) - User successfully logged in. Username: Test1Sap

    2011-12-23 15:03:02,390 [INFO ] [RMI TCP Connection(82)-127.0.0.1] com.sybase.ua.services.security.ldap.LDAPLoginModule.login(?) - Authentication succeeded using: LDAP Login Module

    2011-12-23 15:03:02,968 [INFO ] [RMI TCP Connection(82)-127.0.0.1] com.sybase.ua.services.security.SecurityService.createSession(?) - User successfully logged in. Username: Test1Sap

    2011-12-23 15:03:02,980 [ERROR] [ConnectionWorkingThread] com.sybase.ua.AgentConnection.createAgentInfo(?) - User Test1Sap does not have read access to resource agentInfo

    2011-12-23 15:03:02,989 [ERROR] [19399677@qtp-31085410-6] com.sybase.ua.AgentConnection.connect(?) - Connection working thread failed: User Test1Sap does not have read access to resource Version

    com.sybase.ua.AuthorizationException: User Test1Sap does not have read access to resource Version

         at com.sybase.ua.connection.AgentConnectionImpl.getMBeanAttribute(Unknown Source)

         at com.sybase.ua.connection.AgentConnectionImpl.getAgentServiceProperty(Unknown Source)

         at com.sybase.ua.connection.AgentConnectionImpl.createAgentInfoV0_6_1_20(Unknown Source)

         at com.sybase.ua.connection.AgentConnectionImpl.createAgentInfo(Unknown Source)

         at com.sybase.ua.connection.ConnectionWorkingThread.run(Unknown Source)

    2011-12-23 15:03:02,989 [WARN ] [19399677@qtp-31085410-6] com.sybase.scc.jmx.SccSessionImpl.authenticate(?) - Failed to authenticate user 'Test1Sap' (User Test1Sap does not have read access to resource Version)

    2011-12-23 15:03:02,998 [ERROR] [19399677@qtp-31085410-6] com.sybase.ua.AgentConnection.logout(?) - com.sybase.ua.AuthorizationException: User Test1Sap does not have execute access to resource logout/java.lang.String

    2011-12-23 15:03:03,009 [ERROR] [19399677@qtp-31085410-6] com.sybase.ua.AgentConnection.createAgentInfo(?) - JMX Connector is lost.

    2011-12-23 15:03:03,081 [ERROR] [19399677@qtp-31085410-6] com.sybase.ua.connection.AgentConnectionListenerImpl.destroy(?) - object not exported

  • Re: How to configure a LDAP server as a security provider in SUP 2.0.1???
    Daniel Montero
    Currently Being Moderated

    Hi all,

     

    Last time i couldn´t finish the proof. Now, i'm trying to integrate my LDAP server with my SUP server one more time.

     

    I´m working on 2.1.2 SUP version. I´ll post here any conclusion.

     

    Regards.

Actions