ActiveDirectory page described how to configure EmForge to use your Windows Domain Active Directory for EmForge Authentication.
This page is described some details about using OpenLDAP server for EmForge authentication
OpenLDAP configuration
Preconfiguration in OpenLDAP is same as ActiveDirectory - you need to create 3 groups in your OpenLDAP directory:
- EmForgeUser
- EmForgeAdmin
- WikiWriter
Here is example of configuration file to use OpenLDAP. For details about what each option mean - please refer ActiveDirectory page
security.providers=ldapAuthProvider, rememberMeAuth
security.userServices=openLdapUserService
# LDAP/ActiveDirectory settings
security.ldap.url=ldap://localhost:389/dc=unidadweb,dc=es
security.ldap.managerDn=cn=Manager,dc=unidadweb,dc=es
security.ldap.managerPassword=123456
security.ldap.usersBase=ou=Users
security.ldap.searchFilter=(cn={0})
# Map EmForge user attributes to Ldap attributes
security.ldap.strMapLdapAttrs=username=cn,fistname=giveName,lastname=sn,mail=mail
security.ldap.groupBase=ou=Groups
security.ldap.groupRoleAttribute=cn
To make this work with OpenLDAP you need a few more steps:
- Create a file emforge-security-openldap.xml and place it under WEB-INF/classes/META-INF/spring in your exploded war file
- Paste the following content in the file:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="[http://www.springframework.org/schema/beans"]
xmlns:xsi="[http://www.w3.org/2001/XMLSchema-instance"] xmlns:util="[http://www.springframework.org/schema/util"]
xmlns:s="[http://www.springframework.org/schema/security"]
xsi:schemaLocation="[http://www.springframework.org/schema/beans] [http://www.springframework.org/schema/beans/spring-beans.xsd]
[http://www.springframework.org/schema/util] [http://www.springframework.org/schema/util/spring-util.xsd]
[http://www.springframework.org/schema/security] [http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">]
<bean id="openLdapAuthProvider"
class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
<constructor-arg>
<ref bean="bindAuthenticator" />
</constructor-arg>
<constructor-arg>
<ref bean="olAuthoritiesPopulator" />
</constructor-arg>
</bean>
</beans>
- Open emforge.war/WEB-INF/web.xml go to line 244 (as of version 0.34) and add the following entry:
...
classpath:/META-INF/spring/emforge-security-openldap.xml,
...
- Restart your servlet container and enjoy.
I just saw that I forgot to mention to change the properties file... you have to select the right security provider by setting these properties:
security.providers=openLdapAuthProvider, rememberMeAuth
security.userServices=openLdapUserService
But that's it then... really ;-)
