Enabling Syncope Login Module
Talend Identity and Access Management, based on Apache Syncope, is a system that allows you to manage the user access to all the Talend web applications. For Talend ESB, it is used to manage users and groups within the ESB Runtime environment. So Talend Identity and Access Management is mandatory to use authentication and authorization with Talend ESB. For more information about how to install and configure Talend Identity and Access Management, see Installing and configuring Talend Identity and Access Management.
Once Talend Identity and Access Management is installed, you can enable the Syncope Login Module in Talend ESB by deploying the Syncope blueprint XML file to the <TalendESBPath>/container/deploy folder.
A template of the Blueprint descriptor is shown below:.
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
<jaas:config name="karaf" rank="2">
<jaas:module className="org.apache.karaf.jaas.modules.syncope.SyncopeLoginModule"
flags="required">
address=http://localhost:9080/syncope/rest
admin.user=admin
admin.password=password
version=2
</jaas:module>
</jaas:config>
<service interface="org.apache.karaf.jaas.modules.BackingEngineFactory">
<bean class="org.apache.karaf.jaas.modules.syncope.SyncopeBackingEngineFactory"/>
</service>
</blueprint>
The address property needs to be configured to reference your Syncope server. For Syncope 2.x, it must be set to ..syncope/rest instead of ..syncope/cxf for Syncope 1.x.
The credentials to access Syncope should also be configured.
The version property is used to select Syncope backend version, 1 or 2.
To check if Syncope Login Module is installed successfully: