Skip to main content
Skip table of contents

LdapAuthenticator

The LdapAuthenticator is used to authenticate against an LDAP server. It Is a light-weight component which does authentication only and does not do lookup or bind.

The source code for this component is available with the installer.

Configuration

Component Configuration

Drag the LDAPAuthenticator adapter from the Service Palette and double-click the LDAPAuthenticator icon to launch the Component Configuration Sheet (CPS).

Attributes

Default Initial Context Factory

The JNDI framework allows different initial context implementations. Default context is set by providing the respective value for Initial Context Factory.

Default Provider URL

URL of the LDAP Server

Default Authentication

Type of security authentication required. Including the default value 'SIMPLE'; other options available are:

NONE

Does not use a default Authentication.

SIMPLE
  • Default Principal: The distinguished name of the entry that is to be authenticated.

    Authentication ID has to be specified in the case of SASL mechanisms.

  • Default Credentials: Password of the entry represented by 'Default Principal'.
CRAM-MD5

It has the same options as that of SIMPLE.

DIGEST-MD5

Below are the options apart from the ones present in SIMPLE:

  • Default Authorization Id: The authorization Id for SASL mechanisms. If this property is not selected, ID will be derived from the client's authentication credentials.
  • Default SASL Realm: The realm information required by SASL mechanisms. On selecting this, a mechanism-specific default is used.
GSSAPI
  • Default Authorization Id: The authorization Id for SASL mechanisms. If this property is not selected, ID will be derived from the client's authentication credentials.
  • krb5.conf Location: Path of the kerberos configuration file which contains the kerberos configuration information. If this property is not set, the default location is used.
  • krb5 KDC: Kerberos KDC (Key Distribution Centre) used for the kerberos tickets.
  • krb5 Realm: The default realm for kerberos.
  • Login config file: The JAAS Login Configuration file.
EXTERNAL

The options Key Store Location, Key Store Type and Key Store Password gets added to the Attributes section.

Error Handling Configuration

Refer Error Handling Configuration section in Common Configurations page (ignore Connection Error section and refer JMS Error, Response Generation Error, Request Processing Error and Invalid Request Error).

Expert Properties

Enable SSL
SSL Support Mode

The two support modes available in the drop-down are:

  • SSL Ports
  • Start TLS Request

Specifies whether you like to enable SSl through the use of SSL Ports or via the use of Start TLS extension in LDAP.

The two options below appears after selecting Enable SSL check box.

  • True Store Location: Location of Trust Store
  • True Store Type: Type of Trust Store
Validate Input

If this check box is selected, the service validates the input received.

  • If the Input validation is disabled, it does not validate the input and thereby increases the performance. However, it may cause undesired results if the input XML is not valid.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.