AnsweredAssumed Answered

use an LDAP attribute for authentification instead of the dn

Question asked by bparis on Nov 27, 2006
Latest reply on Nov 30, 2006 by andy
we needed to authenticate against our LDAP directory where the user login has been saved as a unique attribute.
So our problem was Alfresco only permits to authenticate using the full user dn.
I've written this little code to resolve this.

1. first you have to set up the file "ldap-authentication-context.xml" like this, with your own values for seachBase and unique_LDAPattribute_name:
 
<!– LDAP authentication configuration –>
   
    <bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl_ucl">
        <property name="LDAPInitialDirContextFactory">
            <ref bean="ldapInitialDirContextFactory"/>
        </property>
        <property name="searchBase">
                    <value>ou=London,dc=company,dc=com</value>
        </property>
        <property name="unique_LDAPattribute_name">
                    <value>uid</value>
        </property>
     </bean>

2. Then you compile and install the following class:http://www.ipsp.ucl.ac.be/alfresco/LDAPAuthenticationComponentImpl_ucl.java
Compiled code is available at: http://www.ipsp.ucl.ac.be/alfresco/LDAPAuthenticationComponentImpl_ucl.class

note: put the file in:
$TOMCAT/webapps/alfresco/WEB-INF/classes/org/alfresco/repo/security/authentication/ldap

3. restart tomcat

4. set
log4j.logger.org.alfresco.repo.security.authentication.ldap=debug
in log4J.properties will help you in case of problems


Hope this will help someones ….
Bernard.

Outcomes