FTP Server migration using Sterling Secure Proxy – UserID based Dynamic Routing (page 5)

Create setup in SEAS to fetch Routing Information from LDAP

Since I am planning to log in to the VSFTPD and SB2BI through Sterling Secure Proxy, and use the LDAP for Authentication and UserId Based Routing I need to use Sterling External Authentication Server. This serves as the link between the SSP and the LDAP.

It is also the SEAS that is used to fetch the Routing Information stored in the LDAP.

I start by logging in to my SEAS Console.

In the Console I create a new “Authentication Definition”. I call it “dynamicRoutingProfile_FTP”. Add the LDAP host and Port and select to “Specify user DN”.

LDAP Connection Settings can be left as default.

Change Password Settings can also be left as default.

Add a new Attribute Query Definition by clicking on the +-button.

Give the Attribute Query Definition a name like “MapCredentials”. Select to “Use authenticated user’s connection”. Click “Next”.

Use “{principal}” as “Base DN”. Return Attributes should be “uid”, “userPassword” and “destinationIndicator”. The “destinationIndicator” is the variable telling what backend system the user should be routed to.

The Attribute Query Definition is now created. Click Next.

Attribute Assertion Definition can be skipped.

Application Output Definition is where we map the result fetched from the LDAP with the corresponding variables in SB2BI. So select “Application Feature” “Sterling”, and map “uid” to “mappedUid”, “userPassword” to “mappedPwd” and “destinationIndicator” to “mappedRoutingNodeName”.

Click “Next” and “Finish”.

Now the setup in Sterling External Authentication Server is done. Next is to configure Sterling Secure Proxy.