Red Hat Summit第4章 Authenticating Business Central through RH-SSO
This chapter describes how to authenticate Business Central through RH-SSO. It includes the following sections:
Prerequisites
- Business Central is installed in a Red Hat JBoss EAP 7.2 server, as described in Installing and configuring Red Hat Decision Manager on Red Hat JBoss EAP 7.2.
- RH-SSO is installed as described in 2章Installing and configuring RH-SSO.
- Business Central users have been added to RH-SSO as described in 「Adding Red Hat Decision Manager users」.
Except for 「Creating the Business Central client for RH-SSO」, this section is intended for standalone installations. If you are integrating RH-SSO and Red Hat Decision Manager on Red Hat OpenShift Container Platform, complete only the steps in 「Creating the Business Central client for RH-SSO」 and then deploy the Red Hat Decision Manager environment on Red Hat OpenShift Container Platform. For information about deploying Red Hat Decision Manager on Red Hat OpenShift Container Platform, see the relevant document on the Red Hat Customer Portal.
4.1. Creating the Business Central client for RH-SSO
After the RH-SSO server starts, use the RH-SSO Admin Console to create the Business Central client for RH-SSO.
Procedure
Enter
http://localhost:8180/auth/adminin a web browser to open the RH-SSO Admin Console and log in using the admin credentials that you created while installing RH-SSO.注記If you are configuring RH-SSO with Red Hat OpenShift Container Platform, enter the URL that is exposed by the RH-SSO routes. Your OpenShift administrator can provide this URL if necessary.
When you login for the first time, you can set up the initial user on the new user registration form.
- In the RH-SSO Admin Console, click the Realm Settings menu item.
On the Realm Settings page, click Add Realm.
The Add realm page opens.
- On the Add realm page, provide a name for the realm and click Create.
Click the Clients menu item and click Create.
The Add Client page opens.
On the Add Client page, provide the required information to create a new client for your realm. For example:
- Client ID: kie
- Client protocol: openid-connect
Root URL:
http://localhost:8080/decision-central注記If you are configuring RH-SSO with Red Hat OpenShift Container Platform, enter the URL that is exposed by the Decision Server routes. Your OpenShift administrator can provide this URL if necessary.
Click Save to save your changes.
After you create a new client, its Access Type is set to
publicby default. Change it toconfidential.The RH-SSO server is now configured with a realm with a client for Business Central applications and running and listening for HTTP connections at
localhost:8180. This realm provides different users, roles, and sessions for Business Central applications.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}