Specifying the binding parameters for a custom authentication service
Specify the binding parameters so that a custom authentication service can authenticate new requestors by accessing your repository.
Open the service from the navigation panel in Dev Studio by clicking Service tab.and choosing a service from the instance list, and then navigate to the
In the Authentication activity field, press the Down Arrow key and select the AuthenticationLDAP activity.
The activity must have Code-Security as the Applies To key part.
In the Initial context factory field, enter the Java class name of the JNDI initial context factory to use to connect to the directory server, for example, com.sun.jndi.ldap.LdapCtxFactory.
In the Directory field, enter an explicit URL or a JNDI entry which represents a directory located on the LDAP server. This approach enables you to relocate servers without having to reconfigure the application.
For an explicit URL, use the following format: ldap[s]://[ servername ]:[ portnumber ] .
For a JNDI entry, the syntax is dependent upon the server environment.
In the Trust store field, press the Down Arrow key and select the truststore record that contains the server certificates.
In the Bind distinguished name field, enter the credentials of the bind user who is allowed to search the directory tree for the credentials of a user who is attempting to log in. The standard LDAP authentication activities authenticate with the directory server as this user so it can then search the directory for users.
Click Update Bind Password to enter a password for the bind user.
In the Directory context field, enter the directory context that defines the branch in the Directory Information Tree (DIT) that holds information about the users who can be authenticated by this authentication server, for example, OU=people, DC=yourco, DC=com.
Click Test connectivity to check the connectivity to server and verify that the entered configuration JNDI binding parameters are correct.
- Authentication services
To override or extend the default authentication process, create and configure an authentication service.
- More about authentication services
This page describes additional topics relevant to authentication services that are not directly referenced on the rule form.
- Creating an authentication service
To override or extend the default authentication process, create an authentication service. By creating an authentication service, you implement more specialized authentication requirements than the default, for example, to use pre-authentication and post-authentication activities.
A keystore is a file that contains keys and certificates that you use for encryption, authentication, and serving content over HTTPS. In Pega Platform, you create a keystore data instance that points to a keystore file.