skip to main content
Administering Hybrid Data Pipeline : Authentication : Integrating external authentication with a Java plugin : Registering a Java plugin authentication service
  

Try Now
Registering a Java plugin authentication service
Before a user account can be configured to use a Java plugin authentication service, the authentication service must be registered in Hybrid Data Pipeline. As described in the following sections, you can register a Java plugin authentication service either through the Web UI or the Authentication API.
Note:
*An external authentication service registered in the default system tenant is available across all tenants, while an external authentication service registered in a child tenant is only available in that tenant. Once a service is registered with a tenant, the tenant administrator can create or modify user accounts to authenticate end user credentials against the service.
*A user with the Administrator (12) permission can register an external authentication service on any tenant within the system. A user with the RegisterExternalAuthService (26) permission can register an external authentication service on any tenant to which he or she has administrative access.

Register Java plugin service via the Web UI

Take the following steps to register a Java plugin service via the Web UI.
1. Navigate to the Manage External Authentication view by clicking the manage external authentication icon .
2. Select the tenant for which you are registering the service from the Select Tenant dropdown.
3. Click + New Service. You will be directed to the Create Authentication Service screen.
4. Provide the following information.
*The name and description of the service
*The service type
*The class name (The class name that implements the Java authentication plugin. For example, com.sample.plugin.auth.JavaPluginAuthSample.)
*Attributes (A JSON object comprised of named attribute values that are passed to the init method of the Java plugin.)
5. Click Save.
What to do next:
Configure Hybrid Data Pipeline user accounts to authenticate end user credentials against the Java plugin authentication service. See Configuring user accounts for Java plugin authentication for details.

Register Java plugin service via the Authentication API

The following POST operation registers the jplugauth service. The className property provides the class name of the Java plugin, and the attributes property provides the HashMap that will be processed by the authentication service. For further details, see Register an external authentication service.
Request
POST https://MyServer:8443/api/admin/auth/services
Request payload
{
"name": "jplugauth",
"tenantId": 1,
"description": "Java external auth plugin",
"authDefinition": {
"className": "com.test.hdp.plugins.auth.HDPUserAuthentication",
"attributes": {
"Server": "test-authentication",
"BackupServer": "test-authentication-backup"
}
},
"authTypeId": 2
}
Response payload
Status code: 201
Successful response
{
"id": 43,
"name": "jplugauth",
"tenantId": 1,
"description": "Java external auth plugin",
"authDefinition": {
"className": "com.test.hdp.plugins.auth.HDPUserAuthentication",
"attributes": {
"Server": "test-authentication",
"BackupServer": "test-authentication-backup"
}
},
"lastModifiedTime": "2018-02-15T11:09:35.107Z",
"authTypeId": 2,
"tenantName": "OrgM"
}
What to do next:
Configure Hybrid Data Pipeline user accounts to authenticate end user credentials against the Java plugin authentication service. See Configuring user accounts for Java plugin authentication for details.