Broker 10.15 | webMethods Broker Documentation | Administering webMethods Broker | Managing Broker Security | Securing Broker Server Using Basic Authentication | Basic Authentication Configuration File
 
Basic Authentication Configuration File
 
Basic Authentication on UNIX
Basic Authentication Configuration Parameters
You will find a sample basic authentication configuration file, in the following location:
%BROKER_HOME%\config folder
The basic authentication configuration file contains one or more directory aliases. An alias marks the beginning of a set of directory type configuration parameters. By default, the basic authentication configuration file contains sample entries for each supported authentication system (OS, LDAP, and ADSI). All of these entries are commented by using a # (hash) symbol in the first column. You must alter this file and uncomment the authentication system you are using. If required, additional entries for authentication systems can be added by specifying a new alias, type, followed by the directory-type specific configuration parameters. The following is a sample basic authentication configuration file for your reference.
logfile=basicauth.log
loglevel=1
 
#Sample OS authentication entry
#alias=LocalOS
#authtype=OS
#os-win-auth-user-exist=true
#defaultdomain=eur
 
# Sample LDAP authentication entry
#scan-all-alias=0
#alias-min-disable-time=30
#alias-max-disable-time=120
#alias=LDAP1
#authtype=LDAP
#serverhost=ldap://linuxserver:389
#ldap-person-base-binddn=ou=users,o=webmtest
#ldap-group-base-binddn=ou=groups,o=webmtest
#ldap-person-objectclass=organizationalPerson
#ldap-group-objectclass=groupOfUniqueNames
#ldap-group-prs-attr=uniqueMember
#ldap-server-type=OpenLdap
#ldap-userid-field=uid
#ldap-groupid-field=cn
#ldap-allow-domain-as-base-binddn=true
#ldap-person-property-attr=cn,sn
#ldap-group-property-attr=cn
#resolve-groups=ru
 
# Sample ADSI authentication entry
#alias=ADSI1
#authtype=ADSI
#serverhost=server1
#adsi-forest-dn=dc=ad,dc=myCompany
#defaultdomain=eur
You need to manually maintain the basic authentication configuration file on the file system. After making changes to the file, you must restart Broker Server for the changes to take effect.
When a client connects to Broker Server and passes the credentials (user name, and password), Broker Server authenticates them against the configured aliases in sequence. If an alias is not accessible, or authentication fails against that alias, Broker Server tries to authenticate the user against the next alias in the list. If authentication fails for all aliases, the connection request is rejected.