Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Start with Federated Realm, move to LDAP later?

I'm getting ready to install CLM for a customer using an Enterprise topology (JTS, CCM, QM and RM on their own virtual server). Unfortunately, the virtual infrastructure can't access the corporate LDAP server because it hasn't been 'blessed'.  I'm leaning toward using a Federated Realm for users initially, then moving to LDAP in the future after the infrastructure gets blessed.

Question 1: How much pain will be involved in moving from a Federated Realm to LDAP?  The same user IDs will be used in both scenarios.

Question 2: My understanding is that each Virtual Server needs to be configured to access LDAP or the Federated Realm.  If Single SignOn is configured, shouldn't only the JTS server need to be configured to contact the user repository?

0 votes



One answer

Permanent link
With regards to your questions:
1- the most important part will be ensuring that the usernames and IDs are correct so that they can easily be authenticated into LDAP (when you move to LDAP) without losing any history.

2- Authentication and Authorization is handled by Tomcat/Websphere. Each application will need the configuration files to be able to access LDAP. Even with single sign on, the configuration is still needed.

0 votes

Comments

Hello,
I have the same question for the opposal ...
I would like to change LDAP connection to Federated.
What is the impact ?
Thanks for your feedback
Mathieu

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 2,354

Question asked: Sep 06 '12, 4:14 p.m.

Question was seen: 4,417 times

Last updated: Nov 09 '16, 8:10 a.m.

Confirmation Cancel Confirm