Specifying the binding parameters for a Kerberos authentication service
Specify the binding parameters so that a Kerberos authentication service can authenticate new requestors by accessing your repository.
Open the service from the navigation panel in Dev Studio by clicking Kerberos tab.and choosing a service from the instance list, and then navigate to the
In the Authentication activity field, press the Down Arrow key and select the pyAuthenticationKerberosCredentials activity. If you are not using SPNEGO Source Forge, modify this activity code to retrieve GSSCredentials from the pxRequestor clipboard page.
The activity must have Code-Security as the Applies To key part.
In the Initial context factory field, enter the Java class name of the JNDI initial context factory to use to connect to the directory server, for example, com.sun.jndi.ldap.LdapCtxFactory.
If you are using LDAP, in the Directory field, enter the LDAP server information. Otherwise, leave this field blank.
In the Trust store field, press the Down Arrow key and select the truststore record that contains the server certificates.
- Authentication services
To override or extend the default authentication process, create and configure an authentication service.
- More about authentication services
This page describes additional topics relevant to authentication services that are not directly referenced on the rule form.
- Creating an authentication service
To override or extend the default authentication process, create an authentication service. By creating an authentication service, you implement more specialized authentication requirements than the default, for example, to use pre-authentication and post-authentication activities.
A keystore is a file that contains keys and certificates that you use for encryption, authentication, and serving content over HTTPS. In Pega Platform, you create a keystore data instance that points to a keystore file.