3.2.10 Integrating Collection Manager with Oracle Internet Directory (LDAP) for Authentication

After installing APEX, you can integrate AHF Collection Manager with Oracle Internet Directory (LDAP) for authentication. The steps are provided below.

Note:

These screenshots are from an APEX 18.x release.

1. Ensure that LDAP authentication is working fine.

   -bash-4.2$ which ldapbind
   /scratch/testuser/Middleware/Oracle_Home/bin/ldapbind
   

   For non-SSL:

   -bash-4.2$ ldapbind -h host.example.com -p 3060 -D 'cn=orcladmin' -w ********
   bind successful

   For SSL:

   -bash-4.2$ ldapbind -h host.example.com -p 3131 -U 1 -D 'cn=orcladmin' -w ********
   bind successful

2. Log in to APEX as the collection manager workspace ADMIN.
   For example:

   Workspace: orachkcm, User: orachkcm, Password: ********

   Figure 3-91 Oracle Application Express Login

   

3. Click App Builder menu and then the Collection Manager App.

   Figure 3-92 App Builder

   

4. Click Shared Components and then Security: Authentication Schemes.

   Figure 3-93 Shared Components

   

   Figure 3-94 Security Authentication Schemes

   

5. On the Authentication Schemes page, click Create.

   Figure 3-95 Create Authentication Schemes

   

6. On the Create Authentication Scheme page, select Based on a pre-configured scheme from the gallery and then click Next.

   Figure 3-96 Create Authentication Schemes

   

   Create / Edit Authentication Scheme page is displayed.

   Figure 3-97 Create/Edit Authentication Scheme

   

7. On the Create/Edit Authentication Scheme page, enter Name and Scheme Type.

   For example:

   Name: AHF_CM_OID_AUTH

   Scheme Type: Select LDAP Directory

   Figure 3-98 Create/Edit Authentication Scheme

   

   The Create/Edit Authentication Scheme page expands.

8. Enter additional LDAP settings.

   Figure 3-99 Additional LDAP Settings

   

   Enter the details that match your Oracle Internet Directory (LDAP) environment.

   For example:

   Host: host.example.com

   Port: 3131

   Use SSL: SSL

   Distinguished Name (DN) String: cn=%LDAP_USER%

   Use Exact Distinguished Name: Yes

   Figure 3-100 Additional LDAP Settings

   

9. Click Test LDAP Login.

   This will populate most of the data you entered previously.

10. Under Credentials for Test Login, enter the LDAP username and password that you would like to test.

    Figure 3-101 LDAP Test

    

11. Click Test Login.

    If the details we provided are correct and the OID (LDAP) is configured correctly. then you will notice and "Authenticated" Message:

    Figure 3-102 LDAP Test

    

    Note:

    If the authentication fails, validate the LDAP details using ldapbind command from an OID client home and then click Apply Changes and click Create Authentication Scheme.

    At this time, you should see the following screen.

    Figure 3-103 Authentication Scheme Activated

    

    Note that the most recent LDAP Directory scheme will be shown as Current.

12. Now, sign out as the ADMIN for ORACHKCM workspace.

    Figure 3-104 Workspace Sign Out

    

13. Log in to Collection Manager Application directly using the LDAP user.

    For example: orcladmin/********

    Figure 3-105 Log in to Collection Manager

    

    A successful login will authenticate and bring you into the collection manager application.

    Figure 3-106 Logging successfully in to Collection Manager