UnboundID Data Broker - Username Password Identity Authenticator

Data Broker Documentation Index
Configuration Reference Home

Username Password Identity Authenticator

Note: this component stores cluster-wide configuration data and is mirrored across all servers in the topology within the the same cluster.

Note: changes to cluster-wide configuration objects are immediately and automatically mirrored across all servers within the same cluster, so offline changes are not supported.

The Username Password Identity Authenticator may be used to authenticate an end-user with a username and password.

↓Parent Component
↓Properties
↓dsconfig Usage

Parent Component

The Username Password Identity Authenticator component inherits from the Identity Authenticator

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ description	None
↓ enabled
↓ match-filter
↓ match-pattern

Basic Properties

description

Description	A description for this Identity Authenticator
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

enabled

Description	Indicates whether the authenticator is enabled. If a method is not enabled, then its authentication requests using this authenticator will not be processed.
Default Value	None
Allowed Values	true false
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

match-filter

Description	Specifies the SCIM search filter that should be used when performing searches to map the provided username to a user resource. The filter pattern may include a string from a capturing group matched by the match pattern by using a dollar sign ($) followed by an integer value that indicates which capturing group should be used. Capture group 0 refers to the entire username that matched. For example, the match-filter "userName eq $1 and organization eq $2" with a match-pattern of ^(.)@(.)$ will substitute $1 and $2 with the portions before and after the '@' symbol in the username respectively.
Default Value	userName eq "$0"
Allowed Values	A string
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

match-pattern

Description	Specifies the regular expression pattern that is used to identify portions of the username that will be replaced. Any portion of the username that matches this pattern is replaced in accordance with the provided match-filter replace pattern. If multiple substrings within the given username match this pattern, all occurrences are replaced. If no part of the given username matches this pattern, the match-filter is not altered. It must be a valid regular expression as described in the API documentation for the java.util.regex.Pattern class, including support for capturing groups. For example, a match-pattern of ^(.)@(.)$ will match an e-mail address username. The match-filter "userName eq $1 and organization eq $2" may then be used to substitute $1 and $2 with the portions before and after the '@' symbol in the username respectively.
Default Value	^.*$
Allowed Values	Any valid regular expression pattern which is supported by the javax.util.regex.Pattern class (see http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html for documentation about this class for Java SE 6).
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

dsconfig Usage

To list the configured Identity Authenticators:

dsconfig list-identity-authenticators
     [--property {propertyName}] ...

To view the configuration for an existing Identity Authenticator:

dsconfig get-identity-authenticator-prop
     --authenticator-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Identity Authenticator:

dsconfig set-identity-authenticator-prop
     --authenticator-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Username Password Identity Authenticator:

dsconfig create-identity-authenticator
     --authenticator-name {name}
     --type username-password
     --set enabled:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Identity Authenticator:

dsconfig delete-identity-authenticator
     --authenticator-name {name}