To configure MDM to authenticate users via Talend Administration Center, you first need to enable such authentication in the Talend MDM configuration file and provide certain information related to your Talend Administration Center installation.
Note that, although authentication occurs in Talend Administration Center, authorization still takes place in the MDM database.
Therefore, users in both Talend Administration Center and MDM must remain synchronized. That is, user names and email addresses must be consistent.
One way of doing this could be to create a Job which returns a list of users using the Talend Administration Center MetaServlet and creates, removes and updates user information in MDM in line with any changes made in Talend Administration Center. Additionally, if the Talend Administration Center login module cannot find the user who is attempting to authenticate, it will fall back to checking in the MDM database as well.
If you change the Talend Administration Center authentication details for the admin user before you make the same change in MDM, you may no longer be able to access MDM because the Talend Administration Center login is not the same as the MDM admin login.
To configure authentication via Talend Administration Center:
In <$INSTALLDIR>\conf, open the file jaas_tac.conf.
This file is a template that contains the configuration information related to Talend Administration Center.
Update the information shown in the table below with the appropriate details for your installation.
module-option name Purpose Example
Provide the URL used to access Talend Administration Center, including the port.
In Talend Administration Center, user names are always in the form of an email address. In MDM, this is not the case by default.
Set this option to true if user names in MDM are not in the form of email addresses. Subsequently, when a user logs into Talend Administration Center using a user name that is not in the form of an email address, a lookup will be performed in the MDM database to retrieve the corresponding email address, which will then be used to authenticate the user in Talend Administration Center.
Set this option to false if user names in MDM are already in the form of email addresses.
Indicate whether to fall back to the MDM authentication when a user fails the Talend Administration Centerauthentication.
Save your changes under the file name jaas.conf.
Since this action will replace the existing jaas.conf file, it is strongly recommended that you first make a backup copy of the existing jaas.conf file, and/or copy all the relevant configuration information into your new file.
Restart your MDM server for your changes to be taken into account.