ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum IndexWebSphere Message Broker SupportSecurityPEP Node Integrated with Active Directory for Author

Post new topicReply to topic
SecurityPEP Node Integrated with Active Directory for Author View previous topic :: View next topic
Author Message
EricCox
PostPosted: Mon Jul 17, 2017 8:10 am Post subject: SecurityPEP Node Integrated with Active Directory for Author Reply with quote

Master

Joined: 08 Apr 2011
Posts: 285

To all,

Does anyone have a link to an example of how to set up the SecurityPEP node to receive an Identity token from an AD user and then how to perform AD Group Authorization?

I don't see any examples. Maybe I'm not looking with the correct keywords or product names etc.

Is this possible? Has anyone done this?

We do not want to do Authentication. However, the service needs to receive an Identity token from the Application that represents the AD user. That token needs to be consumed and checked against AD Group assignment for Authorization to the requested business function within the REST API.

All help is greatly appreciated.

Thanks,
EC
Back to top
View user's profile Send private message
shashivarungupta
PostPosted: Mon Aug 14, 2017 6:43 pm Post subject: Re: SecurityPEP Node Integrated with Active Directory for Au Reply with quote

Grand Master

Joined: 24 Feb 2009
Posts: 1325
Location: Floating in space on a round rock.

EricCox wrote:
...a link to an example of how to set up the SecurityPEP node to receive an Identity token from an AD user and then how to perform AD Group Authorization?


https://www.ibm.com/support/knowledgecenter/en/SSMKHH_9.0.0/com.ibm.etools.mft.samples.securitypepnode.doc/doc/overview.htm

Try accessing above link where samples is referenced. Hope that will help.
_________________
*Life will beat you down, you need to decide to fight back or leave it.
Back to top
View user's profile Send private message Send e-mail
martinb
PostPosted: Tue Aug 15, 2017 12:48 am Post subject: Reply with quote

Disciple

Joined: 09 Nov 2006
Posts: 159
Location: UK

Yep you should be able to get a Security PEP node to perform just authorization with the Active Directory.

Create a Security profile as per Creating a security profile for LDAP

Having "authentication" set to NONE and "authorization" set to LDAP.

The following post talks about the "authorizationConfig" settings for the Security profiles for Active Directory LDAP

http://www.mqseries.net/phpBB2/viewtopic.php?p=382323&sid=ec14a6ce1c4f5ca847cd037bb1e64486

HTH
Back to top
View user's profile Send private message
EricCox
PostPosted: Tue Aug 15, 2017 4:13 am Post subject: Thanks Reply with quote

Master

Joined: 08 Apr 2011
Posts: 285

Thanks very much Martin
Back to top
View user's profile Send private message
Display posts from previous:
Post new topicReply to topic Page 1 of 1

MQSeries.net Forum IndexWebSphere Message Broker SupportSecurityPEP Node Integrated with Active Directory for Author
Jump to:



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP


Theme by Dustin Baccetti
Powered by phpBB 2001, 2002 phpBB Group

Copyright MQSeries.net. All rights reserved.