Difference between revisions of "Ldap-example3"

From OpenKM Documentation
Jump to: navigation, search
(OpenKM.xml)
Line 1: Line 1:
== Configuration parameters ==
 
<source lang="java">
 
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
 
system.login.lowercase=true
 
principal.ldap.referral=
 
 
principal.ldap.server=ldap://192.168.xxx.xxx:389
 
principal.ldap.security.principal=CN=Administrator,OU=OpenKM,DC=company,DC=com
 
principal.ldap.security.credentials=xxxxxx
 
 
principal.ldap.mail.attribute=userPrincipalName
 
principal.ldap.mail.search.base=DC=company,DC=com
 
principal.ldap.mail.search.filter=(sAMAccountName={0})
 
 
principal.ldap.role.attribute=cn
 
principal.ldap.role.search.base=OU=OpenKM,DC=company,DC=com
 
principal.ldap.role.search.filter=objectclass=group
 
 
principal.ldap.roles.by.user.attribute=memberOf
 
principal.ldap.roles.by.user.search.base=DC=company,DC=com
 
principal.ldap.roles.by.user.search.filter=(&(objectclass=person)(sAMAccountName={0}))
 
 
principal.ldap.user.attribute=sAMAccountName
 
principal.ldap.user.search.base=DC=company,DC=com
 
principal.ldap.user.search.filter=(&(objectclass=user)(|(memberOf=CN=ROLE_ADMIN,OU=OpenKM,DC=company,DC=com)(memberOf=CN=ROLE_USER,OU=OpenKM,DC=company,DC=com)))
 
 
principal.ldap.username.attribute=cn
 
principal.ldap.username.search.base=DC=company,DC=com
 
principal.ldap.username.search.filter=(sAMAccountName={0})
 
 
principal.ldap.users.by.role.attribute=member
 
principal.ldap.users.by.role.search.base=OU=OpenKM,DC=company,DC=com
 
principal.ldap.users.by.role.search.filter=(&(objectClass=group)(cn={0})) 
 
</source>
 
 
 
== OpenKM.xml ==
 
== OpenKM.xml ==
 
<source lang="xml">
 
<source lang="xml">
Line 85: Line 50:
  
 
</beans:beans>
 
</beans:beans>
 +
</source>
 +
 +
== Configuration parameters ==
 +
<source lang="java">
 +
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
 +
system.login.lowercase=true
 +
principal.ldap.referral=
 +
 +
principal.ldap.server=ldap://192.168.xxx.xxx:389
 +
principal.ldap.security.principal=CN=Administrator,OU=OpenKM,DC=company,DC=com
 +
principal.ldap.security.credentials=xxxxxx
 +
 +
principal.ldap.mail.attribute=userPrincipalName
 +
principal.ldap.mail.search.base=DC=company,DC=com
 +
principal.ldap.mail.search.filter=(sAMAccountName={0})
 +
 +
principal.ldap.role.attribute=cn
 +
principal.ldap.role.search.base=OU=OpenKM,DC=company,DC=com
 +
principal.ldap.role.search.filter=objectclass=group
 +
 +
principal.ldap.roles.by.user.attribute=memberOf
 +
principal.ldap.roles.by.user.search.base=DC=company,DC=com
 +
principal.ldap.roles.by.user.search.filter=(&(objectclass=person)(sAMAccountName={0}))
 +
 +
principal.ldap.user.attribute=sAMAccountName
 +
principal.ldap.user.search.base=DC=company,DC=com
 +
principal.ldap.user.search.filter=(&(objectclass=user)(|(memberOf=CN=ROLE_ADMIN,OU=OpenKM,DC=company,DC=com)(memberOf=CN=ROLE_USER,OU=OpenKM,DC=company,DC=com)))
 +
 +
principal.ldap.username.attribute=cn
 +
principal.ldap.username.search.base=DC=company,DC=com
 +
principal.ldap.username.search.filter=(sAMAccountName={0})
 +
 +
principal.ldap.users.by.role.attribute=member
 +
principal.ldap.users.by.role.search.base=OU=OpenKM,DC=company,DC=com
 +
principal.ldap.users.by.role.search.filter=(&(objectClass=group)(cn={0})) 
 
</source>
 
</source>
  
 
[[Category: Installation Guide]]
 
[[Category: Installation Guide]]

Revision as of 21:17, 16 February 2013

OpenKM.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:security="http://www.springframework.org/schema/security"
             xmlns:task="http://www.springframework.org/schema/task"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                                 http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                                 http://www.springframework.org/schema/security
                                 http://www.springframework.org/schema/security/spring-security-3.1.xsd
                                 http://www.springframework.org/schema/task
                                 http://www.springframework.org/schema/task/spring-task-3.1.xsd">
<security:authentication-manager alias="authenticationManager">
     <security:authentication-provider ref="ldapAuthProvider" />
  </security:authentication-manager>

<beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <beans:constructor-arg value="ldap://192.168.xxx.xxx"/>
  <beans:property name="userDn" value="CN=connect,OU=OpenKM,DC=company,DC=com"/>
  <beans:property name="password" value="****"/>
</beans:bean>

<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:property name="userSearch" ref="userSearch"/>
    </beans:bean>
  </beans:constructor-arg>
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:constructor-arg value="DC=company,DC=com"/>
      <beans:property name="groupSearchFilter" value="member={0}"/>
      <beans:property name="groupRoleAttribute" value="cn"/>
      <beans:property name="searchSubtree" value="true" />
      <beans:property name="convertToUpperCase" value="false" />
      <beans:property name="rolePrefix" value="" />
    </beans:bean>
  </beans:constructor-arg>
</beans:bean>

<beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <beans:constructor-arg index="0" value="DC=company,DC=com" />
  <beans:constructor-arg index="1" value="(&amp;(sAMAccountName={0})(|(memberOf=CN=ROLE_ADMIN,OU=OpenKM,DC=company,DC=com)(memberOf=CN=ROLE_USER,OU=OpenKM,DC=company,DC=com)))" />
  <beans:constructor-arg index="2" ref="contextSource" />
  <beans:property name="searchSubtree" value="true" />
</beans:bean>

</beans:beans>

Configuration parameters

 principal.adapter=com.openkm.principal.LdapPrincipalAdapter
 system.login.lowercase=true
 principal.ldap.referral=

 principal.ldap.server=ldap://192.168.xxx.xxx:389
 principal.ldap.security.principal=CN=Administrator,OU=OpenKM,DC=company,DC=com
 principal.ldap.security.credentials=xxxxxx

 principal.ldap.mail.attribute=userPrincipalName
 principal.ldap.mail.search.base=DC=company,DC=com
 principal.ldap.mail.search.filter=(sAMAccountName={0})

 principal.ldap.role.attribute=cn
 principal.ldap.role.search.base=OU=OpenKM,DC=company,DC=com
 principal.ldap.role.search.filter=objectclass=group

 principal.ldap.roles.by.user.attribute=memberOf
 principal.ldap.roles.by.user.search.base=DC=company,DC=com
 principal.ldap.roles.by.user.search.filter=(&(objectclass=person)(sAMAccountName={0}))

 principal.ldap.user.attribute=sAMAccountName
 principal.ldap.user.search.base=DC=company,DC=com
 principal.ldap.user.search.filter=(&(objectclass=user)(|(memberOf=CN=ROLE_ADMIN,OU=OpenKM,DC=company,DC=com)(memberOf=CN=ROLE_USER,OU=OpenKM,DC=company,DC=com)))
 
 principal.ldap.username.attribute=cn
 principal.ldap.username.search.base=DC=company,DC=com
 principal.ldap.username.search.filter=(sAMAccountName={0})
 
 principal.ldap.users.by.role.attribute=member
 principal.ldap.users.by.role.search.base=OU=OpenKM,DC=company,DC=com
 principal.ldap.users.by.role.search.filter=(&(objectClass=group)(cn={0}))