Sap Nw Idm Tutorial


Date posted: 08-Nov-2014

SAP NetWeaver Identity Management Virtual Directory Server Tutorial - Accessing LDAP servers

Version 7.0 Rev 3

Copyright 2007 SAP AG. All rights reserved. SAP Library document classification: PUBLIC

No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. Microsoft, Windows, Outlook, Excel, and PowerPoint are registered trademarks of Microsoft Corporation. IBM, DB2, DB2 Universal Database, OS/2, Parallel Sysplex, MVS/ESA, AIX, S/390, AS/400, OS/390, OS/400, iSeries, pSeries, xSeries, zSeries, System i, System i5, System p, System p5, System x, System z, System z9, z/OS, AFP, Intelligent Miner, WebSphere, Netfinity, Tivoli, Informix, i5/OS, POWER, POWER5, POWER5+, OpenPower and PowerPC are trademarks or registered trademarks of IBM Corporation. Adobe, the Adobe logo, Acrobat, PostScript, and Reader are either trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or other countries. Oracle is a registered trademark of Oracle Corporation. UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group. Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems, Inc. HTML, XML, XHTML, and W3C are trademarks or registered trademarks of W3C, World Wide Web Consortium, Massachusetts Institute of Technology. Java is a registered trademark of Sun Microsystems, Inc. JavaScript is a registered trademark of Sun Microsystems, Inc., used under license for technology invented and implemented by Netscape. MaxDB is a trademark of MySQL AB, Sweden. SAP, R/3, mySAP, mySAP.com, xApps, xApp, SAP NetWeaver, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world. 
All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves information purposes only. National product specifications may vary. These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.


Preface

The product

The SAP NetWeaver Identity Management Virtual Directory Server can logically represent information from a number of disparate directories, databases, and other data repositories in a virtual directory tree. Different users and applications can, based on their access rights, get different views of the information. Features like namespace conversion and schema adaptations provide a flexible solution that can continually grow and change to support demands from current and future applications, as well as requirements for security and privacy, without changing the underlying architecture and design of data stores like databases and directories.

The reader

This manual is written for people who are to access LDAP servers with the Virtual Directory Server.

Prerequisites

To get the most benefit from this tutorial, you should have the following knowledge:

  • Basic knowledge of LDAP.
  • Basic knowledge of Java.

The following software is required:

  • SAP NetWeaver Identity Management Virtual Directory Server version 7.0 or newer, correctly installed and licensed.
  • A Java development environment. This can be downloaded from http://java.sun.com (version 1.5).
  • The source file for this tutorial: The mvd-ldap.xml configuration file with a minimum configuration for the Virtual Directory Server, including the Java classes necessary to access the LDAP directory.
  • The directory server for the tutorials that is installed with the product.

The manual

This document contains a tutorial for accessing LDAP directory servers with the Virtual Directory Server. You will also see how you can modify an attribute using a Java class and how you can implement access control in the virtual tree.


Related documents

You can find useful information in the following documents:

  • The X.500 standard, which can be ordered from http://www.itu.int.
  • LDAP v. 2, RFC 1777, "Lightweight Directory Access Protocol".
  • LDAP v. 3, RFC 2251, "Lightweight Directory Access Protocol (V3)".

RFCs and Internet drafts can be downloaded from http://www.ietf.org.


Table of contents

Introduction
    Verifying the configuration of the Virtual Directory Server
    Section overview

Section 1: Opening the server configuration
    Starting the directory server
    Opening the server configuration
    Configuring the data source
    Configuring the virtual tree
    Specifying the port number
    Enabling the operation log
    Running the server
    Testing the configuration

Section 2: Adding a directory server

Section 3: Modifying the virtual tree
    Creating the static nodes
    Creating the data source node
    Moving the existing node
    Moving the access rights
    Running the server

Section 4: Differentiating access rights
    Adding the user group
    Adding the user profile
    Creating the rule
    Implementing the access rights in the virtual tree
    Adding LDAP attributes to the static node
    Running the server

Section 5: Altering an attribute using a Java method
    Creating the class
    Adding the method
    Calling the method
    Running the server



Introduction

The purpos