How to configure basic authentication with an LDAP user registry
Configure a IBM® z/OS® Connect server to perform basic authentication with a Lightweight Directory Access Protocol (LDAP) user registry.
This task is applicable when IBM z/OS Connect is used as an API provider.
Before you begin
- You should be familiar with the information in API provider authentication and identification.
- You must complete the task How to configure an LDAP user registry.
- You must have write access to the server.xml configuration file.
About this task
You configure the IBM z/OS Connect server to
require authentication, by setting the attribute requireAuth="true"
. This task
then configures the server to use basic authentication.
This task does not include information on how to configure the IBM z/OS Connect server to use TLS. If the attribute
requireSecure
is set to true
(the default), you must configure a TLS connection between
the client and the IBM z/OS Connect server, for example,
by completing the task How to configure TLS with RACF key rings.
Procedure
For more information about configuration elements, see Configuration elements in the Reference section.
Results
Users and groups that match the filters defined in the ldapRegistry
element can
be used to authenticate with the IBM z/OS Connect
server. Additionally, the LDAP users and groups that are assigned to the
zosConnectAccess
role now have authorization to access IBM z/OS Connect.