Stages Documentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
72:ldap_config_authenication [2018/07/16 14:52] – [Configuring Authentication] bkkr72:ldap_config_authenication [2018/07/16 14:52] – [Configuring Authentication] bkkr
Line 23: Line 23:
   * credentials   * credentials
  
-**NOTE**: If no query user is specified then an anonymous bind is used to connect to the LDAP directory.+//NOTE//: If no query user is specified then an anonymous bind is used to connect to the LDAP directory.
  
 **Name Attribute** **Name Attribute**
Line 31: Line 31:
 The distinguished name can be set directly to the name attribute as shown in the example below: The distinguished name can be set directly to the name attribute as shown in the example below:
  
-<font inherit/Courier New,Courier,monospace;;inherit;;inherit><ldap-query-user name="cn=pkit1,o=XYZ,dc=xyzgroup,dc=com"credentials=_ckgedit_QUOT__ckgedit____>/>__</font>+''<font inherit/Courier New,Courier,monospace;;inherit;;inherit><ldap-query-user name="cn=pkit1,o=XYZ,dc=xyzgroup,dc=com"credentials=_ckgedit_QUOT__ckgedit____>/>__</font>''
  
 If the name attribute does not contain an equal sign (‘=’) or a comma (‘,’), then this value is set to the authentication schema in order to build up the distinguished name of the special query user. If the name attribute does not contain an equal sign (‘=’) or a comma (‘,’), then this value is set to the authentication schema in order to build up the distinguished name of the special query user.
Line 37: Line 37:
 In the example below “id123“ would be set to the schema to build up the user’s distinguished name. In the example below “id123“ would be set to the schema to build up the user’s distinguished name.
  
-<font inherit/Courier New,Courier,monospace;;inherit;;inherit><ldap-query-user name="id123" credentials="SOME_CREDENTIALS"/></font>+''<font inherit/Courier New,Courier,monospace;;inherit;;inherit><ldap-query-user name="id123" credentials="SOME_CREDENTIALS"/></font>''
  
 **The credentials Attribute** **The credentials Attribute**
Line 68: Line 68:
 The <font inherit/Courier New,Courier,monospace;;inherit;;inherit>principal</font>attribute holds a schema to build up the distinguished name for user authentication. The special character “%“ is used to specify where to set in the user’s fullname or username to build the corresponding distinguished name. The <font inherit/Courier New,Courier,monospace;;inherit;;inherit>principal</font>attribute holds a schema to build up the distinguished name for user authentication. The special character “%“ is used to specify where to set in the user’s fullname or username to build the corresponding distinguished name.
  
-Example: <font inherit/Courier New,Courier,monospace;;inherit;;inherit>principal=“cn=%,cn=Users,dc=adtest,dc=methodpark,dc=de“</font>+Example: ''<font inherit/Courier New,Courier,monospace;;inherit;;inherit>principal=“cn=%,cn=Users,dc=adtest,dc=methodpark,dc=de“</font>''
  
 //NOTE//: It depends on the value of the key attribute of the ldap-provider tag whether the user’s fullname or username will be set into the schema. //NOTE//: It depends on the value of the key attribute of the ldap-provider tag whether the user’s fullname or username will be set into the schema.