AnsweredAssumed Answered

Adding filters to LDAP Authentication

Question asked by albertocabello on Jun 7, 2013
Hi,

I'm currently running fine a 4.2.0 Community with LDAP Authentication, and I want to grant access only to the users having an attribute (like objectClass=posixAccount). I don't want to use ldap.synchronization.active=true, mainly for not having the LDAP admin password stored in a plain text file.

I think it could be done not setting ldap.authentication.userNameFormat, and using ldap.synchronization.personQuery and ldap.synchronization.userIdAttributeName, but I don't get the clue for it to work (actually, no matter the combination of these values I try, the result is I can't log in anymore).

Is it possible to achieve it without tweaking the authentication beans?

Thank you in advance.

Outcomes