Jump to: navigation, search

SMILA/Documentation/LDAPSecurityResolver

org.eclipse.smila.security.ldap.LDAPSecurityResolver

Description

This is an implementation of the org.eclipse.smila.security.SecurityResolver interface, allowing to resolve principals against an LDAP directory.

The following LDAP object classes are interpreted as groups:

  • group
  • groupOfNames
  • groupOfUniqueNames
  • dynamicGroup
  • dynamicGroupAux

Configuration

Property Constraint Description
ldap.host required the ip adress or hostname of the LDAP directory server
ldap.port optional the port of the LDAP directory server, default is 389
ldap.login required the full user DN used to log into the LDAP directory
ldap.password required the password for the user configured in ldap.login
ldap.base.dn required the base DN used as root folder to search principals in
ldap.username.attribute optional the name of the LDAP property containing the user id, default is "cn"

The configuration file has to be named ldap.properties and has to be located in folder configuration/org.eclipse.smila.security.ldap/.

Example

ldap.properties for LDAPSecurityResolver

# connection settings
ldap.host=localhost
ldap.port=389
ldap.login=CN=admin
ldap.password=secret
#ldap server settings
ldap.base.dn=DC=local
ldap.username.attribute=cn