To create a custom pass-through authentication handler, use the Server SDK. To configure your pass-through handler in the server:

  1. Create an instance of a third-party pass-through authentication handler and set its extension-class property by running a command similar to the following.
    dsconfig create-pass-through-authentication-handler \
         --handler-name "<Example Handler>" \
         --type third-party \
         --set extension-class:<com.example.ExamplePassThroughAuthenticationHandler> \
         --set extension-argument:<argName1=argValue1> \
         --set extension-argument:<argName2=argValue2>

    The third-party pass-through authentication handler supports the following configuration properties.

    Property Description

    extension-class

    The fully-qualified name of the Java class that provides the custom pass-through authentication handler implementation. This class must be a subclass of com.unboundid.directory.sdk.ds.api.PassThroughAuthenticationHandler.

    extension-argument

    An optional set of name-value pairs that provide arguments needed to configure the custom pass-through authentication handler.

  2. Optional: Set any further configuration needs, as determined by your custom implementation, through the extension-argument property.
  3. After you have configured the third-party pass-through authentication handler, configure a pluggable pass-through authentication plugin instance to use it, using a command similar to the following.
    dsconfig create-plugin \
         --plugin-name "Pluggable Pass-Through Authentication" \
         --type pluggable-pass-through-authentication \
         --set enabled:true \
         -- set "pass-through-authentication-handler:<Example Handler>"
    Note:

    For more information about the configuration properties for the pluggable pass-through authentication plugin, see Working with pass-through authentication.