Sun Java System Portal Server 6 2004Q2 Desktop Customization Guide 

Chapter 9
Customizing Authentication

Sun Java System Portal Server supports a number of authentication schemes, including LDAP, anonymous, membership, UNIX, and more. See the Portal Server Administration Guide for information on configuring authentication, as well as users and roles.

This chapter contains instructions for:

Using UNIX Authentication with LoginProvider

    To Use UNIX Authentication with LoginProvider
  1. Change directories to the default/Login directory. For example:

    cd /etc/opt/SUNWps/desktop/default/Login

  2. Copy the display_AuthUnix.html file to display.html. For example:

    cp display_AuthUnix.html display.html

  3. Register and enable the UNIX authentication service for the organization. See the Portal Server Administration Guide for details.

  4. Add Unix to the Non Interactive Modules in the Core service.

    Note

    To use LDAP authentication, the authentication module is already enabled for the default organization. You only need to copy display_AuthLDAP.html to display.html.

Configuring LDAP Authentication for UserInfoProvider

Out of the box, the UserInfo channel allows the user to edit and maintain their Membership password (change their own password). To change the user’s authentication module to only LDAP, the administrator has to customize the UserInfoProvider to acknowledge LDAP authenticated users.

    To Enable End User Password Maintenance for LDAP Authentication
  1. Create an LDAP passwordHandler template. The template name format is passwordHandler-authType.template. You can copy an existing template in the UserInfo template directory. For example:

    cd /etc/opt/SUNWps/desktop/default/UserInfo/html

    cp passwordHandler-Membership.template passwordHandler-LDAP.template

  2. Optionally, modify the descriptive text within passwordHandler-authType.template. For example, in the passwordHandler-LDAP.template file, change Membership to LDAP.

  3. Add the authentication module name to the channel’s authTypes display profile Collection. Use the dpadmin utility to add the entry to the UserInfoProvider <Provider> element. For example:

    1. Type portal-server-install-root/SUNWps/bin/dpadmin list -u uid -w password -g > provider.xml.

    2. Make a backup copy of provider.xml. For example, type cp provider.xml provider-original.xml.

    3. Add the entry LDAP to the authTypes collection for the UserInfoProvider in the provider.xml file, as shown below (the String element with the value LDAP):

       <Collection name="authTypes" advanced="true">
          <String value="Membership"/>
          <String value="LDAP"/>
       </Collection>

      Here, based on the user’s SSOToken authentication type, the appropriate authType will be used.

    4. Import the modified display profile document. For example, type portal-server-install-root/SUNWps/bin/dpadmin modify -u uid -w password -g provider.xml.

  4. Restart the web container.

  5. Access the portal desktop as an LDAP authenticated user and edit the user info channel. Verify that the password field is displayed.

  6. Modify the user’s password and select Finished.

  7. Log out and log in to the Desktop with the new credentials.
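
A pre-import check for the procedure above, as an added example that is not part of the original guide: it parses the edited provider.xml and reports every authTypes entry that has no matching passwordHandler-authType.template file. The name attribute on <Provider>, the <Properties> wrapper, the function names and the sample document are assumptions constructed for illustration.

```python
import os
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample of a dpadmin export. The <Provider name="..."> attribute and
# the <Properties> wrapper are assumptions about the display profile layout.
SAMPLE = """<DisplayProfile>
  <Providers>
    <Provider name="UserInfoProvider">
      <Properties>
        <Collection name="authTypes" advanced="true">
          <String value="Membership"/>
          <String value="LDAP"/>
        </Collection>
      </Properties>
    </Provider>
  </Providers>
</DisplayProfile>"""


def auth_types(xml_text, provider="UserInfoProvider"):
    """Return the values in the provider's authTypes collection (raises on malformed XML)."""
    root = ET.fromstring(xml_text)
    for prov in root.iter("Provider"):
        if prov.get("name") != provider:
            continue
        for coll in prov.iter("Collection"):
            if coll.get("name") == "authTypes":
                return [s.get("value") for s in coll.findall("String")]
    raise LookupError(f"no authTypes collection under provider {provider!r}")


def missing_templates(xml_text, template_dir):
    """List auth types that have no passwordHandler-<authType>.template file."""
    return [t for t in auth_types(xml_text)
            if not os.path.isfile(os.path.join(template_dir, f"passwordHandler-{t}.template"))]


def demo():
    """Check SAMPLE before and after the LDAP template is created (step 1)."""
    with tempfile.TemporaryDirectory() as d:
        open(os.path.join(d, "passwordHandler-Membership.template"), "w").close()
        before = missing_templates(SAMPLE, d)
        open(os.path.join(d, "passwordHandler-LDAP.template"), "w").close()
        return before, missing_templates(SAMPLE, d)


if __name__ == "__main__":
    print(demo())
```

Running it against the real export before dpadmin modify catches both a provider.xml that is no longer well-formed after hand editing and an auth type added to the collection without its template.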


Copyright 2004 Sun Microsystems, Inc. All rights reserved.