Using Active Directory Server as an Authentication Realm
Integrate the Akula Server with an Active Directory server to control user access to your apps. When integrating with Active Directory, Active Directory stores the user's principal and secret (typically a username and password), and the user groups. You can also use Active Directory to set rules for password expiration, account lockout, and maximum unsuccessful log in attempts.
To integrate the Akula Server with Active Directory, you first define the Active Directory realm in the
AKULA_HOME\global\security-template.xml file, and then add that realm to a security manager. For more information on the security-template.xml file and configuring security managers, see Defining a Security Manager.
In the security-template.xml file, you set properties that define the location of the Active Directory server, as well as other information. Shown below is an example of the security-template.xml file that defines an Active Directory realm:
The following table describes the
key values that you set to configure an Active Directory realm:
|The realm name of the Active Directory server.|
|The username to use when logging into the Active Directory server for authorization.|
|The password to use when logging into the Active Directory server for authorization.|
|The search base.|
|The location of the Active Directory server.|
Additional information about the user, if available. If none is available, omit this key. In this example,
The number of times to retry a connection to the Active Directory server if a connection attempt fails.
A value of 0 disables the retry mechanism.
|The amount of time, in milliseconds, between retry attempts to the Active Directory server.|
(Optional) The LDAP server referral strategy. Valid values are
Appends the value of this property to the username, if necessary. For example, "tdanza" becomes "email@example.com". This suffix will not be appended to usernames that take the form of "DOMAIN\\username".
After editing the security-template.xml file, restart the Akula Server.