wiki:LDAPUserDatabase

LDAPUserDatabase

The JSPWiki/Kaukolu LDAPUserDatabase class allows to use an LDAP server as authentication/user information backend. It can be used with this LDAPLoginModule for user authentication or with existing container managed authentication like JNDI - LDAP lookups. With modifications, it can also work with an unmodified (non posixAccount) Active Directory LDAP server.

Features

  • Connects via ldap(s) to an LDAP server
  • Authenticates to the LDAP server using the credentials entered by the user (no anonymous binding)
  • Pulls user info from LDAP entry (expects a posixAccount LDAP object, see createUserProfileFromAttributes() method for details)
    • User wiki name is built from cn attribute (minus spaces)
  • Read-only LDAP access (no updates of the LDAP directory using the wiki)

Status

  • Works with JSPWiki 2.4 (changeset:365 needed)
  • Works with Kaukolu
  • Inefficient (no connection pooling)
  • User info gets cached indefinitely (until wiki restart)
  • No support for LDAP groups (yet)

Download

None yet, pull sources directly from SVN:

Installation

  • Download the two java files
  • Build/deploy war (could you please add more information about how to do this step)
  • Change this in jspwiki.properties:
    jspwiki.security = jaas
    jspwiki.userdatabase = de.opendfki.kaukoluwiki.auth.user.LDAPUserDatabase
    
  • Add this to jspwiki.properties:
    jspwiki.ldapuserdatabase.providerurl = ldap://ldap.example.org/ou=People,dc=example,dc=org
    jspwiki.ldapuserdatabase.principal = uid=$USERNAME,ou=People,dc=example,dc=org
    
  • Change JSPWiki-custom config in jspwiki.jaas:
    JSPWiki-custom {
      de.opendfki.kaukoluwiki.auth.login.LDAPLoginModule    REQUIRED;
    };
    

Support

None but you may use the ticket system on this site of course.

Last modified 10 years ago Last modified on 12/04/07 00:36:58