Page created: 4 Feb 2020
|
Page updated: 22 Jul 2020
Clients must use HTTP Basic authentication to authenticate to the
Configuration API. If the user name value is not a DN, then it will
be resolved to a DN value using the identity mapper associated with
the Configuration servlet. By default, the Configuration API uses
an identity mapper that allows an entry’s UID value to be used as
a user name. To customize this behavior, either customize the
default identity mapper, or specify a different identity mapper using
the Configuration servlet’s
identity-mapper
property. For example:
$ bin/dsconfig set-http-servlet-extension-prop \ --extension-name Configuration \ --set "identity-mapper:Alternative Identity Mapper”To access configuration information, users must have the appropriate privileges:
- To access the
cn=config
backend, users must have thebypass-acl
privilege or be allowed access to the configuration using an ACI. - To read configuration information, users must have the
config-read
privilege. - To update the configuration, users must have the
config-write
privilege.