Sun Java System Portal Server 6 2004Q2 Desktop Customization Guide |
Chapter 9
Customizing AuthenticationSun Java System Portal Server supports a number of authentication schemes, including LDAP, anonymous, membership, UNIX, and more. See the Portal Server Administration Guide for information on configuring authentication, as well as users and roles.
This chapter contains instructions for:
Using UNIX Authentication with LoginProviderTo Use UNIX Authentication with LoginProvider
- Change directories to the default/Login directory.
For example:
cd /etc/opt/SUNWps/desktop/default/Login
- Copy the display_UnixAuth.html file to display.html.
For example,
cp display_AuthUnix.html display.html
- Register and enable UNIX authentication service for the organization.
See the Portal Server Administration Guide for details.
- Add Unix to the Non Interactive Modules in the Core service.
Configuring LDAP Authentication for UserInfoProviderOut of the box, the UserInfo channel allows the user to edit and maintain their Membership password (change their own password). To change the user’s authentication module to only LDAP, the administrator has to customize the UserInfoProvider to acknowledge LDAP authenticated users.
To Enable End User Password Maintenance for LDAP Authentication
- Create an LDAP passwordHandler template. The template name format is passwordHandler-authType.template.
You can copy an existing template in the Userinfo template directory. For example,
cd /etc/opt/SUNWps/desktop/default/UserInfo/html
cp passwordHandler-Membership.template passwordHandler-LDAP.template
- Optionally, modify the descriptive text within passwordHandler-authType.template.
For example, in the passwordHandler-LDAP.template file, change the Membership to LDAP.
- Add the authentication module name to the channel’s authTypes display profile Collection.
Use the dpadmin utility to add the entry to the UserInfoProvider <Provider> element. For example:
- Type portal-server-install-root/SUNWps/bin/dpadmin list -u uid -w password -g > provider.xml.
Make a backup copy of provider.xml. For example, type cp provider.xml provider-original.xml.
- Add the entry LDAP to the authTypes collection for the UserInfoProvider in the provider.xml file as shown (in bold) below:
<Collection name="authTypes" advanced="true">
<String value="Membership"/>
<String value="LDAP"/>
</Collection>
Here, based on the user’s SSOToken authentication type, the appropriate authType will be used.
- Import the modified display profile document. For example, type
portal-server-install-root/SUNWps/bin/dpadmin modify -u uid -w password -g provider.xml
- Restart the web container.
- Access the portal desktop as an LDAP authenticated user and edit the user info channel.
Verify that the password field is displayed.
- Modify the user’s password and select finished
- Logout and login to the Desktop with the new credentials.