Create a profile

You can create a profile that determines the authentication method and settings in TeamForge.

You need to have at least one user profile or more in active status before configuring the external authentication.
  1. Log on to the TeamForge as a site administrator and go to the look project.
  2. From the project navigation bar, click AUTH MANAGER.
  3. From the Main Menu pane on the left, click Create Profile.
    Fastpath: In the Manage Existing Profiles page, if you do not find the desired one in the list of existing authentication profiles, you can click New Profile and proceed.
  4. From the drop-down menu, select the type of the new authentication profile.
    • LDAP: It uses the user name and password provided by the user to bind to the LDAP. If the bind is successful, the user is authenticated. This is a simple method of authentication. Click here for more information.
    • LdapExtended: It uses a service account to bind to the LDAP. Customizable filters are used to bind with the user and to validate authentication. Click here for more information.
      Tip: Use this module if the users are spread over LDAP or when a group membership is required to access TeamForge.
      Important: You can use only the LdapExtended profile as a source for LDAP Sync.
    • Active Directory: It uses the user data configured through Microsoft's Active Directory. This is a simple method of authentication.
    • Kerberos: It uses MIT KRB5 authentication. Contact your network admin for the host configuration settings.
  5. Set the Jboss flag that determines the behaviour of the control flag with multiple login-modules.
    • Sufficient: The login-module is not required to succeed. If it does succeed, control immediately returns to the application (authentication does not proceed down the login-module list). If it fails, authentication continues down the login-module list.
    • Optional: The login-module is not required to succeed. If it succeeds or fails, authentication still continues to proceed down the login-module list.
    • Required: The login-module is required to succeed. If it succeeds or fails, authentication still continues to proceed down the login-module list.
  6. Enter the value for each module property listed for the chosen profile type.
  7. Click Create. The confirmation message, The authentication profiles have been imported. Activate the profiles to apply to TeamForge authentication, appears.
    Remember: The newly created profile is listed under Authentication Profiles in the Manage Existing Profile page. It is now inactive and the status indicator is yellow. You must activate the newly created user profile.
    Tip: Before you create any profiles using Auth Manager, you may see an inactive auto-imported TeamForgeDatabase profile appearing under Authentication Profiles. It is recommended to delete the Auto-imported UsernamePasswordInDatabaseLoginModule after creating and activating your first profile. Because the subsequent login and authentication request pass only through the active profile(s).
Parent topic: Manage authentication profiles