Credential Mapping

This chapter describes how to configure credential mapping for AquaLogic Ensemble resources. It is divided into the following topics:

About Credential Mapping

Credential mapping allows Ensemble to supply credentials to proxied applications automatically. The credentials used by Ensemble to log in to the application can come from:

The Credential Vault. When the user logs into the proxied resource, her credentials are stored in the Credential Vault. Subsequent access to that resource is authenticated using the stored credentials.
The user's AquaLogic Interaction profile. Credentials for specific applications can be stored in the user's profile and used by Ensemble to automatically log the user into proxied applications.
Static credentials. The Ensemble resource can be configured with static credentials that are used for every user with access to the resource.

Configuring Credential Mapping

Ensemble can automatically log in to resources through HTML forms and basic authentication.

The following sections describe how to configure credential mapping for authentication:

Configuring Credential Mapping for HTML Forms describes how to configure a resource to log in automatically to a resource that prompts for authentication with an HTML form.
Configuring Credential Mapping with Basic Authentication describes how to configure a resource to log inautomatically to a resource that prompts for authentication with basic authentication.
Authentication Field Sources describes the static, user profile, and credential vault authentication field sources.

Configuring Credential Mapping for HTML Forms

This section describes how to configure credential mapping for a resource that prompts for authentication with an HTML form.

Launch the Ensemble Console.
Click the APPLICATIONS tab.
Click the Resources sub-tab.
Click the name of the resource you want to edit.
On the Credential Mapping page, select HTML Form from the Type drop-down.
Create a new login form mapping by clicking Create new.
Type a Name for the login form mapping.
Set the login form by typing a Page URL, or select Detect log in page with pattern.

If the login form is located at a static URL, type the URL into the Page URL box.
If the login form is dynamic, select the Detect log in page with pattern. Type the regular expression pattern into the Pattern box.

Set the login form action by typing an Action URL, or select Use pattern for action URL.

If the login form action is a static URL, type the URL into the Action URL box.
If the login form is dynamic, select the Detect log in page with pattern. Type the regular expression pattern into the Pattern box.

To submit the login form data as an HTTP POST, select Submit action as post. Otherwise, login form data will be submitted as an HTTP GET.
Map one or more field values to authentication field sources.

Type the name of the HTML form input in the Field Name box.
For details on how to configure the Source and Mapped Value properties, see Authentication Field Sources.
To automatically detect and populate field mappings, click Detect Form Fields.
To add additional field mappings, click Add.
To delete field mappings, click the icon.

Configuring Credential Mapping with Basic Authentication

This section describes how to configure credential mapping for a resource that prompts for authentication with basic authentication.

Launch the Ensemble Console.
Click the APPLICATIONS tab.
Click the Resources sub-tab.
Click the name of the resource you want to edit.
On the Credential Mapping page, select Basic from the Type drop-down.
Enter values for Basic Auth Username and Basic Auth Password. For details on how to configure the Source and Mapped Value properties, see Authentication Field Sources.

Authentication Field Sources

Authentication field sources map values to login fields. The following table describes each of the authentication field source values in the Source drop-down:

Table 6-1 Authentication Field Sources
Source	Description
Static	Use the static source when the authentication field is the same for all users accessing the resource. Type the static value in the Mapped Value box.
Masked Static	The masked static source is like the static source, except that the value typed into the Mapped Value box is obscured in the Ensemble Console UI. Use this source to protect the values of passwords and other sensitive fields.
User Profile	The user profile source uses properties from the user's AquaLogic Interaction profile to supply credential data for authentication. For each form field with a user profile source, select the profile property from the picker.
Credential Vault	With the Credential Vault source, Ensemble prompts the user for credentials the first time she accesses the resource. The supplied credentials are stored in the credential vault, and each subsequent access to that resource is authenticated with the stored credentials.