Enabling authentication using Talend Administration Center - 6.1

Talend MDM Platform Installation Guide

EnrichVersion
6.1
EnrichProdName
Talend MDM Platform
task
Installation and Upgrade
EnrichPlatform
Talend Activity Monitoring Console
Talend Administration Center
Talend Artifact Repository
Talend CommandLine
Talend DQ Portal
Talend ESB
Talend Identity Management
Talend Installer
Talend JobServer
Talend Log Server
Talend MDM Server
Talend MDM Web UI
Talend Project Audit
Talend Repository Manager
Talend Runtime
Talend SAP RFC Server
Talend Studio

To configure MDM to authenticate users via Talend Administration Center, you first need to enable such authentication in the Talend MDM configuration file and provide certain information related to your Talend Administration Center installation.

Note that, although authentication occurs in Talend Administration Center, authorization still takes place in the MDM database.

Therefore, users in both Talend Administration Center and MDM must remain synchronized. That is, user names and email addresses must be consistent.

One way of doing this could be to create a Job which returns a list of users using the Talend Administration Center MetaServlet and creates, removes and updates user information in MDM in line with any changes made in Talend Administration Center. Additionally, if the Talend Administration Center login module cannot find the user who is attempting to authenticate, it will fall back to checking in the MDM database as well.

Warning

If you change the Talend Administration Center authentication details for the admin user before you make the same change in MDM, you may no longer be able to access MDM because the Talend Administration Center login is not the same as the MDM admin login.

To configure authentication via Talend Administration Center:

  1. In <$INSTALLDIR>\conf, open the file jaas_tac.conf.

    This file is a template that contains the configuration information related to Talend Administration Center.

  2. Update the information shown in the table below with the appropriate details for your installation.

    module-option namePurposeExample
    tacUrl

    Provide the URL used to access Talend Administration Center, including the port.

    http://localhost:8080/org.talend.administrator

    http://your-company.com:8080/org.talend.administrator

    useEmailAddress

    In Talend Administration Center, user names are always in the form of an email address. In MDM, this is not the case by default.

    • Set this option to true if user names in MDM are not in the form of email addresses. Subsequently, when a user logs into Talend Administration Center using a user name that is not in the form of an email address, a lookup will be performed in the MDM database to retrieve the corresponding email address, which will then be used to authenticate the user in Talend Administration Center.

    • Set this option to false if user names in MDM are already in the form of email addresses.

    true

    false

    forbidsLoginByMDM

    Indicate whether to fall back to the MDM authentication when a user fails the Talend Administration Centerauthentication.

    false

  3. Save your changes under the file name jaas.conf.

    Warning

    Since this action will replace the existing jaas.conf file, it is strongly recommended that you first make a backup copy of the existing jaas.conf file, and/or copy all the relevant configuration information into your new file.

  4. Restart your MDM server for your changes to be taken into account.