Enabling Syncope Login Module

Talend Real-Time Big Data Platform Installation Guide for Windows

EnrichVersion
6.5
EnrichProdName
Talend Real-Time Big Data Platform
task
Installation and Upgrade
EnrichPlatform
Talend Runtime
Talend Administration Center
Talend Installer
Talend CommandLine
Talend Artifact Repository
Talend Activity Monitoring Console
Talend Data Stewardship
Talend JobServer
Talend Studio
Talend Identity and Access Management
Talend DQ Portal
Talend ESB
Talend Log Server
Talend Data Preparation
Talend SAP RFC Server
Talend Repository Manager

Talend Identity and Access Management, based on Apache Syncope, is a system that allows you to manage the user access to all the Talend web applications. For Talend ESB, it is used to manage users and groups within the ESB Runtime environment. So Talend Identity and Access Management is mandatory to use authentication and authorization with Talend ESB. For more information about how to install and configure Talend Identity and Access Management, see Installing and configuring Talend Identity and Access Management.

Once Talend Identity and Access Management is installed, you can enable the Syncope Login Module in Talend ESB by deploying the Syncope blueprint XML file to the Talend-ESB-VA.B.C/container/deploy folder.

A template of the Blueprint descriptor is shown below:.

<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
           xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"
           xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">

    <jaas:config name="karaf" rank="2">
        <jaas:module className="org.apache.karaf.jaas.modules.syncope.SyncopeLoginModule"
                     flags="required">
           address=http://localhost:9080/syncope/rest
           admin.user=admin
           admin.password=password
           version=2
        </jaas:module>
    </jaas:config>

    <service interface="org.apache.karaf.jaas.modules.BackingEngineFactory">
        <bean class="org.apache.karaf.jaas.modules.syncope.SyncopeBackingEngineFactory"/>
    </service>

</blueprint>

The address property needs to be configured to reference your Syncope server. For Syncope 2.x, it must be set to ..syncope/rest instead of ..syncope/cxf for Syncope 1.x.

The credentials to access Syncope should also be configured.

The version property is used to select Syncope backend version, 1 or 2.

To check if Syncope Login Module is installed successfully:

Procedure

  1. Get the list of available Jaas realms.
    karaf@trun> jaas:realm-list
    Index | Realm Name | Login Module Class Name
    ------+------------+---------------------------------------------------------
    1     | karaf      | org.apache.karaf.jaas.modules.syncope.SyncopeLoginModule
  2. Select Jaas Realm using Jaas realm index from previous step.
    karaf@trun> jaas:realm-manage --index 1
  3. Check Syncope users list.
    karaf@trun()> jaas:user-list