Before following the steps outlined here, make sure that you have OpenDJ installed, configured and running, and that an LDAP structure with OU, users and groups exists. These documents explain how to get OpenDJ up and running:
The configuration steps outlined in this document basically follow the official SUP documentation; they are just adjusted for the actual OpenDJ installation.
Create a security configuration
Log in to Sybase Control Center at http://sup:8283/scc. Select Security on the right and create a new security configuration. Give it a meaningful name, like Android.
Edit the authentication providers. Basically this is the same as outlined in the document NAME. Delete the standard NoSecProvider and add a new one, using com.sybase.security.ldap.LDAPLoginModule as the authentication provider.
Configure the parameters as explained in the SUP documentation.
The parameter “Provider URL” points to your actual OpenDJ installation. Port 389 is the standard LDAP port, and localhost is given because OpenDJ is running on the same machine as SUP. Make sure that the parameters
- Bind Password,
- Authentication Search Base and
- Role Search Base
reflect your actual OpenDJ configuration. To tell SUP what kind of LDAP server to expect, the parameter “Server Type” needs to be set to openldap.
It is not necessary to configure an authorization provider, as the SUP documentation explains. Validate and apply the changes.
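Before applying the provider settings, the same values can be checked against OpenDJ from a shell. The script below is an added example, not part of the SUP documentation or of this walkthrough's original configuration; it assumes the OpenLDAP ldapsearch client, and the bind DN, both search bases, the uid attribute and the password file path are placeholders.

```shell
#!/bin/sh
# Added example: pre-check of the values entered for the LDAPLoginModule.
# All DNs, the uid attribute and PW_FILE are assumptions; adjust to your tree.
LDAP_URL="${LDAP_URL:-ldap://localhost:389}"           # Provider URL
BIND_DN="${BIND_DN:-cn=Directory Manager}"             # bind DN (assumed)
AUTH_BASE="${AUTH_BASE:-ou=people,dc=example,dc=com}"  # Authentication Search Base
ROLE_BASE="${ROLE_BASE:-ou=groups,dc=example,dc=com}"  # Role Search Base
# The bind password is read from a file so it never shows up in the process list.
# Write it without a trailing newline: printf '%s' 'secret' > "$PW_FILE"
PW_FILE="${PW_FILE:-$HOME/.sup-bind-pw}"

# Escape \ * ( ) so a value is treated literally inside a search filter (RFC 4515).
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

user_filter() { printf '(uid=%s)' "$(ldap_escape "$1")"; }

# Groups may list members under member or uniqueMember, so match both.
role_filter() {
    dn=$(ldap_escape "$1")
    printf '(|(member=%s)(uniqueMember=%s))' "$dn" "$dn"
}

# Run one search as the bind DN; prints matching entries as unwrapped LDIF.
search() {  # usage: search <base> <scope> <filter> <attr>
    ldapsearch -x -LLL -o ldif-wrap=no -H "$LDAP_URL" -D "$BIND_DN" -y "$PW_FILE" \
               -b "$1" -s "$2" "$3" "$4"
}

check_user() {
    search "$AUTH_BASE" base '(objectClass=*)' dn >/dev/null ||
        { echo "bind failed or Authentication Search Base missing" >&2; return 1; }
    search "$ROLE_BASE" base '(objectClass=*)' dn >/dev/null ||
        { echo "Role Search Base missing" >&2; return 1; }
    user_dn=$(search "$AUTH_BASE" sub "$(user_filter "$1")" dn |
              sed -n 's/^dn: //p' | head -n 1)
    [ -n "$user_dn" ] || { echo "no entry for $1 under $AUTH_BASE" >&2; return 1; }
    echo "user:  $user_dn"
    search "$ROLE_BASE" sub "$(role_filter "$user_dn")" cn | sed -n 's/^cn: /role:  /p'
}

# Only touch the directory when a user id is given, e.g.: sh check.sh android22
if [ "$#" -gt 0 ]; then check_user "$1"; fi
```

A user that is found here but listed without any role line points at the Role Search Base or the group membership attribute rather than at the bind settings.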
Now you have an additional security configuration. To make use of it, the new configuration needs to be added to a domain. Add the new security configuration to the default domain.
Now you can select the new security configuration when deploying an MBO with the SDK:
To see which MBOs / applications are assigned to the security domain, you can use the SCC and check what is registered under the domain and security configuration.
Applications that use the MBO will now start using the security configuration. The application used here is SUP101 from the tutorials; the deployed native Android app will use the new configuration automatically. This means that you have to provide the credentials in the source code:
private static String USERNAME = "<OpenDJ user>";
private static String PASSWORD = "<password>";
Build the app and run it on your Android simulator. The app will try to connect to SUP and load the DB, then present a screen containing a list of names. When the app is not able to load the data from SUP (that is, on a logon error), the screen won’t show the names.
Loading the data.
Showing the DB content
Does it really work? Let’s test the same application with wrong credentials for user android22:
private static String USERNAME = "<OpenDJ user>";
private static String PASSWORD = "<wrong password>";
After starting the app:
In the debug console the app will throw an authentication error:
How does that look from the server side? In the SUP log the same authentication error will look like: