Try OpenEdge Now
skip to main content
Business Process Portal Administrator's Guide
Managing users : Configuring user management
 

Configuring user management

Business Process Server includes a user management mechanism that is capable of supporting multiple directory service architectures. It enables you to configure Business Process Server to effectively use your existing directory service. This section explains how Business Process Server supports the directory service architectures, which are also known as realms.

Understanding realms

Business Process Server supports the following directory services or realms:
Table 32. User management realms
Realm
Description
JDBC Realm
The JDBC realm is a user management system built on a database. It reads user, password, group, and Business Process Server specific information from the database. It also provides password encryption.
Note: Recursive groups are not supported for JDBC realms.
LDAP
The LDAP realm employs the LDAP directory service to retrieve user, password, and general group information. Other Business Process Server-specific information is retrieved from the database. LDAP runs over TCP/IP and features a hierarchical structure. Business Process Server supports Sun Java System Directory Server 5.2 and MS Active Directory for Windows 2000.
LDAP hybrid
The LDAP hybrid realm uses a combination of LDAP realm and Business Process Server database. Typically, the LDAP realm is used for authentication and Business Process Server database is used to store groups related information.
OERealm
The OEHybrid realm is a combination of the JDBC realm and the OpenEdge AppServer based service. Business Process Server (BP Server) supports the single point of authentication (SPA) service using the OEHybrid realm.
Note: Passwords are case sensitive in all realms. For more information, see Casesensitivity for user management.

Java interfaces for user management

Business Process Server provides three Java interfaces for user management:
*com.tdiinc.userManager.Group
*com.tdiinc.userManager.Realm
*com.tdiinc.userManager.User
By implementing these interfaces, you can easily plug in a new realm (a new user manager) into the Business Process Server system. The interfaces are in the um.jar file, which is in the OEBPS_HOME\lib directory.

Case sensitivity for user management

A user name and group name in the JDBC realm may or may not be case sensitive, depending on the following parameters:
usermgr.casesensitive in umacl.conf file in OEBPS_HOME/conf directory.
oebps.usermanager.casesensitive in oebps.conf file in OEBPS_HOME/conf directory.
Ensure that the values of both these parameters are consistent. Additionally, if you use the LDAP, LDAP hybrid, or OEHybrid realms, then ensure that the case sensitivity parameters set in Business Process Server are consistent with the case sensitivity parameters set in your LDAP, LDAP hybrid, or OEHybrid realms.
* Using OEHybrid realm for Single Point of Authentication
* Using the LDAP realm
* Using the LDAP hybrid realm
* Modifying the realm type
* Using setupOEBPS to clean or set up component data