How to configure a LDAP server as a security provider in SUP 2.0.1???

Daniel Montero Mar 1, 2012 12:19 PM

Currently Being Moderated

Hi, all

I need connect a LDAP server as security provider.

The computer where Sybase Unwired Platform is installed have visibility to the computer where LDAP server is installed.

I´m working with SUP 2.0.1.

I follow next steps:

First I configure csi.properties with my LDAP properties. I follow this tutorial:

Configuring a Security Provider for Sybase Control Center

After, i configure roles-map.xml:

Setting Up Provider Roles in Sybase Control Center

I change "SUP Administrator" and "SUP Domain Administrator" to "GROUP1" and "GROUP2". GROUP1 and GROUP2 are the user groups in LDAP.

Finally, i configure admin security:

Setting Up the Admin Security Configuration

Now i try login on sybase control center using a LDAP user but nothing happen.

Any idea? Thanks!

Regards, Dani.

Edited by: DMontero on Dec 22, 2011 2:32 PM

Re: How to configure a LDAP server as a security provider in SUP 2.0.1???

Daniel Montero Dec 23, 2011 3:09 PM (in response to Daniel Montero)

Currently Being Moderated

I get authentication but i get other read access error. The log say that:

2011-12-23 15:03:01,431 [INFO ] [19399677@qtp-31085410-6] com.sybase.scc.uaf.adapter.UAFLoginCommand.doAuthentication(?) - FlexSession: 186t2z49ziu3z -- Authenticating user Test1Sap
2011-12-23 15:03:01,715 [INFO ] [RMI TCP Connection(82)-127.0.0.1] com.sybase.ua.services.security.ldap.LDAPLoginModule.login(?) - Authentication succeeded using: LDAP Login Module
2011-12-23 15:03:02,291 [INFO ] [RMI TCP Connection(82)-127.0.0.1] com.sybase.ua.services.security.SecurityService.createSession(?) - User successfully logged in. Username: Test1Sap
2011-12-23 15:03:02,390 [INFO ] [RMI TCP Connection(82)-127.0.0.1] com.sybase.ua.services.security.ldap.LDAPLoginModule.login(?) - Authentication succeeded using: LDAP Login Module
2011-12-23 15:03:02,968 [INFO ] [RMI TCP Connection(82)-127.0.0.1] com.sybase.ua.services.security.SecurityService.createSession(?) - User successfully logged in. Username: Test1Sap
2011-12-23 15:03:02,980 [ERROR] [ConnectionWorkingThread] com.sybase.ua.AgentConnection.createAgentInfo(?) - User Test1Sap does not have read access to resource agentInfo
2011-12-23 15:03:02,989 [ERROR] [19399677@qtp-31085410-6] com.sybase.ua.AgentConnection.connect(?) - Connection working thread failed: User Test1Sap does not have read access to resource Version
com.sybase.ua.AuthorizationException: User Test1Sap does not have read access to resource Version
     at com.sybase.ua.connection.AgentConnectionImpl.getMBeanAttribute(Unknown Source)
     at com.sybase.ua.connection.AgentConnectionImpl.getAgentServiceProperty(Unknown Source)
     at com.sybase.ua.connection.AgentConnectionImpl.createAgentInfoV0_6_1_20(Unknown Source)
     at com.sybase.ua.connection.AgentConnectionImpl.createAgentInfo(Unknown Source)
     at com.sybase.ua.connection.ConnectionWorkingThread.run(Unknown Source)
2011-12-23 15:03:02,989 [WARN ] [19399677@qtp-31085410-6] com.sybase.scc.jmx.SccSessionImpl.authenticate(?) - Failed to authenticate user 'Test1Sap' (User Test1Sap does not have read access to resource Version)
2011-12-23 15:03:02,998 [ERROR] [19399677@qtp-31085410-6] com.sybase.ua.AgentConnection.logout(?) - com.sybase.ua.AuthorizationException: User Test1Sap does not have execute access to resource logout/java.lang.String
2011-12-23 15:03:03,009 [ERROR] [19399677@qtp-31085410-6] com.sybase.ua.AgentConnection.createAgentInfo(?) - JMX Connector is lost.
2011-12-23 15:03:03,081 [ERROR] [19399677@qtp-31085410-6] com.sybase.ua.connection.AgentConnectionListenerImpl.destroy(?) - object not exported
Report Abuse

Like (0)
- Re: How to configure a LDAP server as a security provider in SUP 2.0.1???
  
  Sandeep Tiruveedi Apr 16, 2012 5:18 PM (in response to Daniel Montero)
  
  Currently Being Moderated
  
  Hi Daniel,
  
  I'm trying to do the same thing on SUP 2.1 server. Did you have any luck with integrating your LDAP server with your SUP server?
  
  I created a LDAP login module configuration in SCC but I'm not sure how I can test the connection has been set up?
  
  Thanks
  Sandeep
  
  Report Abuse
  
  Like (0)
- Re: How to configure a LDAP server as a security provider in SUP 2.0.1???
  
  Piotr Zdrowowicz Jul 4, 2012 8:54 AM (in response to Daniel Montero)
  
  Currently Being Moderated
  
  Hi Daniel
  
  Did you found solution for this problem ? All links on google goes to your post and you're my last hope Thanks a lot for any answer.
  
  regards
  
  Report Abuse
  
  Like (0)
Re: How to configure a LDAP server as a security provider in SUP 2.0.1???

Daniel Montero Jul 11, 2012 11:40 PM (in response to Daniel Montero)

Currently Being Moderated

Hi all,

Last time i couldn´t finish the proof. Now, i'm trying to integrate my LDAP server with my SUP server one more time.

I´m working on 2.1.2 SUP version. I´ll post here any conclusion.

Regards.
Report Abuse

Like (0)
- Re: How to configure a LDAP server as a security provider in SUP 2.0.1???
  
  Ayax Morales Jul 31, 2012 1:26 AM (in response to Daniel Montero)
  
  Currently Being Moderated
  
  Hello Daniel,
  In version 2.1.2 you no longer need to modify xml files for role mapping, it is enough with the SCC console configuration.
  
  Regards,
  Ayax
  
  Report Abuse
  
  Like (0)

Go to original post