Implementing LDAP in Sterling File Gateway

Sterling File Gateway can be configured to authenticate user credentials against a Lightweight Directory Access Protocol (LDAP) directory.

About this task

To configure Sterling File Gateway for LDAP:

Procedure

  1. Create external users in Sterling B2B Integrator.
  2. For each external user created in Sterling B2B Integrator, create a matching record in an LDAP Directory.
  3. Create or modify the customer_overrides.properties file to override settings in authentication_policy.properties, as in the following example:
    authentication_policy.LDAP_AUTHENTICATION_ENABLED=true
    #######################################################
    # LDAP Server <1> Authentication Configuration
    ########################################################
    #
    authentication_policy.authentication_1.className=com.sterlingcommerce.SERVER!.security.LDAPAuthentication
    authentication_policy.authentication_1.display_name=OPenLDAP Server localhost
    ## enable ldap authentication (true, false) default=false
    authentication_policy.authentication_1.enabled=true
    ## jndi parameters for ldap connections
    authentication_policy.authentication_1.jndi_factory=com.sun.jndi.ldap.LdapCtxFactory
    authentication_policy.authentication_1.server=localhost
    authentication_policy.authentication_1.port=XXX
    authentication_policy.authentication_1.security_type=simple
    authentication_policy.authentication_1.principle=cn=Manager,dc=amr,dc=stercomm,dc=com
    authentication_policy.authentication_1.credentials=secret
    ## comment out or leave as blank on this property if the server is not going to use SSL for the security protocol.
    #authentication_<number>.security_protocol=ssl
    ## search parameters for user password
    authentication_policy.authentication_1.password_attribute=userPassword
    authentication_policy.authentication_1.search_root=dc=amr,dc=stercomm,dc=com
    authentication_policy.authentication_1.search_filter=(uid=<userid>)
    authentication_policy.authentication_1.with_user_bind=false
    
    where authentication_1 is your first LDAP server. To use multiple LDAP servers, copy the lines for authentication_1 and modify them for the properties for authentication_2. Continue for as many servers as you want to set up.
    Note: Do not edit the authentication_policy.properties file. Make all changes in the customer_overrides.properties file. See Using Property Files in the Sterling B2B Integrator 5.2 online library.
  4. If you previously set up LDAP in Sterling B2B Integrator by editing your security.properties file, comment out LDAP settings as follows:
    #LDAP_AUTHENTICATION_ENABLED=true
    #LDAP_JNDI_CONTEXT_FACTORY=com.sun.jndi.ldap.LdapCtxFactory
    #LDAP_HOST=ldap://ldapserver1.local:9999
    #LDAP_SECURITY_TYPE=simple
    #LDAP_PRINCIPLE=cn=Manager,dc=amr,dc=stercomm,dc=com
    #LDAP_CREDENTIALS=SterlingCustomer
    #LDAP_USER_PASSWORD_ATTRIBUTE=userPassword
    #LDAP_SEARCH_ROOT=dc=amr,dc=stercomm,dc=com
    #LDAP_SEARCH_FILTER_PATTERN=(uid=<userid>)
    #LDAP_AUTHENTICATE_WITH_USER_BIND=false
    ##LDAP_SECURITY_PROTOCOL=ssl
    #LDAP_SECURITY_TRUSTSTORE=&INSTALL_DIR;/server2/com/sterlingcommerce/server2/security/units/cacerts
    #LDAP_SECURITY_TRUSTSTORE_PASSWORD=changeit
    #LDAP_SECURITY_KEYSTORE=&INSTALL_DIR;/server2/com/sterlingcommerce/server2/security/units/keystore
    #LDAP_SECURITY_KEYSTORE_PASSWORD=password
    
    The setting in authentication_policy overrides the previous setting in security.properties.
  5. Restart the server for your changes in the customer_overrides.properties file to take effect over the authentication_policy.properties file.
  6. See Using LDAP in the Sterling B2B Integrator 5.2 online library.
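
An added example, not part of the product documentation: a Python check over the text of customer_overrides.properties and security.properties that reports authentication_<n> blocks using security_type=simple without security_protocol=ssl (a simple bind sends the principal's password unencrypted), keys from the step 3 example that are missing or left empty by a wrapped line, and LDAP_* settings from step 4 that are still active. The function names, the key list, the sample text, and the assumption that the security_protocol override carries the authentication_policy. prefix like the other keys are illustrative.

```python
import re

# Per-server keys set in this page's authentication_1 example.
EXPECTED = ("className display_name enabled jndi_factory server port "
            "security_type principle credentials password_attribute "
            "search_root search_filter with_user_bind").split()
KEY = re.compile(r"authentication_policy\.authentication_(\d+)\.(\w+)$")

# Constructed sample: one value wrapped onto its own line, and no SSL.
SAMPLE = """\
authentication_policy.LDAP_AUTHENTICATION_ENABLED=true
authentication_policy.authentication_1.server=
localhost
authentication_policy.authentication_1.security_type=simple
#authentication_policy.authentication_1.security_protocol=ssl
"""


def parse_properties(text):
    """Simplified parser: uncommented key=value lines, no continuations."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def audit_overrides(text):
    """Return findings for each authentication_<n> block in the overrides."""
    props, servers, findings = parse_properties(text), {}, []
    if props.get("authentication_policy.LDAP_AUTHENTICATION_ENABLED") != "true":
        findings.append("LDAP_AUTHENTICATION_ENABLED is not true")
    for key, value in props.items():
        m = KEY.match(key)
        if m:
            servers.setdefault(int(m.group(1)), {})[m.group(2)] = value
    for n, cfg in sorted(servers.items()):
        findings += [f"authentication_{n}.{k} missing or empty"
                     for k in EXPECTED if not cfg.get(k)]
        if cfg.get("security_type") == "simple" and cfg.get("security_protocol") != "ssl":
            findings.append(f"authentication_{n}: simple bind without SSL")
    return findings


def leftover_security_settings(text):
    """Step 4: LDAP_* settings still uncommented in security.properties."""
    return sorted(k for k in parse_properties(text) if k.startswith("LDAP_"))
```

Run audit_overrides on the overrides file before the restart in step 5; an empty list means every block matches the example's key set and no simple bind is configured without SSL.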