Enabling Syncope Login Module - 8.0

Talend Installation Guide for Linux

Version
8.0
Language
English
EnrichDitaval
Linux
EnrichSubscriptionType
Subscription
Product
Talend Big Data
Talend Big Data Platform
Talend Data Fabric
Talend Data Integration
Talend Data Management Platform
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Real-Time Big Data Platform
Module
Talend Activity Monitoring Console
Talend Administration Center
Talend Artifact Repository
Talend CommandLine
Talend Data Preparation
Talend Data Stewardship
Talend ESB
Talend Identity and Access Management
Talend Installer
Talend JobServer
Talend LogServer
Talend MDM Server
Talend MDM Web UI
Talend Runtime
Talend SAP RFC Server
Talend Studio
Content
Installation and Upgrade
Available in...

Data Fabric

Data Services Platform

ESB

MDM Platform

Real-Time Big Data Platform

Talend Identity and Access Management, based on Apache Syncope, is a system that allows you to manage the user access to all the Talend web applications. For Talend ESB, it is used to manage users and groups within the ESB Runtime environment. For this reason, Talend Identity and Access Management is mandatory to use authentication and authorization with Talend ESB. For more information about how to install and configure Talend Identity and Access Management, see Installing and configuring Talend Identity and Access Management.

Once Talend Identity and Access Management is installed, you can enable the Syncope Login Module in Talend ESB by deploying the Syncope blueprint XML file to the Talend-ESB-VA.B.C/container/deploy folder.

Here is a template of the Blueprint descriptor:

<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
           xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"
           xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">

    <jaas:config name="karaf" rank="2">
        <jaas:module className="org.apache.karaf.jaas.modules.syncope.SyncopeLoginModule"
                     flags="required">
           address=http://localhost:9080/syncope/rest
           admin.user=admin
           admin.password=password
           version=2
        </jaas:module>
    </jaas:config>

    <service interface="org.apache.karaf.jaas.modules.BackingEngineFactory">
        <bean class="org.apache.karaf.jaas.modules.syncope.SyncopeBackingEngineFactory"/>
    </service>

</blueprint>

The address property needs to be configured to reference your Syncope server. For Syncope 2.x, it must be set to ..syncope/rest instead of ..syncope/cxf for Syncope 1.x.

The credentials to access Syncope should also be configured.

The version property is used to select Syncope backend version 1 or 2.

To check if Syncope Login Module is installed successfully:

Procedure

  1. Get the list of available JAAS realms.
    karaf@trun> jaas:realm-list
    Index | Realm Name | Login Module Class Name
    ------+------------+---------------------------------------------------------
    1     | karaf      | org.apache.karaf.jaas.modules.syncope.SyncopeLoginModule
  2. Select JAAS Realm using JAAS realm index from previous step.
    karaf@trun> jaas:realm-manage --index 1
  3. Look up the Syncope users list.
    karaf@trun()> jaas:user-list