Switch to Active Directory

To switch to using Active Directory for authentication you need to change a setting in the Content Store's authentication configuration file. In a standard installation (as described in the CUE Content Store Installation Guide), this configuration file will be located in the common configuration layer: /etc/escenic/engine/common/security/jaas.config.

Open this file for editing and replace: 

ece-basic {
       com.escenic.auth.jaas.BasicLoginModule required;
};

with one of the following two options: 

  • ece-basic {
        com.escenic.auth.jaas.ShiroLoginModule required;
};

    This setting completely replaces the Content Store's native authentication mechanism with Active Directory: only users defined in Active Directory will be able to log in. 

  • ece-basic {
       com.escenic.auth.jaas.BasicLoginModule Sufficient;
       com.escenic.auth.jaas.ShiroLoginModule Sufficient;
};

    This setting allows both the Content Store's native authentication mechanism and Active Directory to be used: users with passwords defined in Web Studio will be able to log in as well as users defined in Active Directory.

Restart the application server.

Users should now be able to login to CUE and Web Studio using their Active Directory user names and passwords. If this does not seem to work, it may be because Active Directory requires the domain name to be specified with user names. For such case you have to either

  • Specify the domain name when login, for example, username@example.com.

  • Or, set the domain name to use by default (see Setting a Default Domain).

For the former option to work properly you must have users having usernames of the same format, i.e. username@example.com in CUE Content Store.

Setting a Default Domain

Copyright © 2003-2021 CCI Europe AS