LDAP integration

To configure an external LDAP repository, such as Microsoft Active Directory, so that existing users may be registered with Jiglu and then authenticated against their directory credentials, the following properties need to be changed in bootstrap.properties:

com.jiglu.ldap.enabled

Whether to use LDAP for user authentication. The other LDAP properties will only be used if LDAP is enabled.

com.jiglu.ldap.initialContextFactory

com.jiglu.ldap.providerUrl

Connection details for the remote repository. The URL is usually along the lines of ldap://<repository_hostname>:389

com.jiglu.ldap.readerUser.dn

com.jiglu.ldap.readerUser.password

The user to bind to the repository as when reading data. This account needs read access to search the LDAP repository for users and to read the data for those users into the system.

com.jiglu.ldap.userBase

The context at which to start searching the repository for users. All sub-branches from this location are searched.

com.jiglu.ldap.userClassName

The class name of user records that should be read by the system. This is usually inetOrgPerson, but is user for Microsoft Active Directory.

com.jiglu.ldap.userFieldName.username

com.jiglu.ldap.userFieldName.givenName

com.jiglu.ldap.userFieldName.familyName

com.jiglu.ldap.userFieldName.emailAddress

com.jiglu.ldap.userFieldName.fullName

These properties map fields on user records in the LDAP repository to fields on users in Jiglu.

Note that the username field is usually uid, but is sAMAccountName for Microsoft Active Directory.

Note that these values are case sensitive.

Integration with LDAP is not permitted if the system has a single server licence key, such as with the free version of the product.
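
The following check is an added example, not part of Jiglu or its documentation. It reads the LDAP properties listed above from bootstrap.properties-style text and reports missing properties, values whose case differs from the spellings named on this page, a class name and username field that do not follow the usual pairing, and a plain ldap:// provider URL. Assumptions: the enabled flag takes true/false, the file uses simple key=value lines, and all sample values (host name, DNs) are constructed.

```python
# Added example: property names come from the page; sample values are constructed.
PREFIX = "com.jiglu.ldap."
REQUIRED = ["initialContextFactory", "providerUrl", "readerUser.dn",
            "readerUser.password", "userBase", "userClassName",
            "userFieldName.username", "userFieldName.givenName",
            "userFieldName.familyName", "userFieldName.emailAddress",
            "userFieldName.fullName"]
# Class name -> username field pairings the page describes as usual.
PAIRS = {"inetOrgPerson": "uid", "user": "sAMAccountName"}
CANONICAL = list(PAIRS) + list(PAIRS.values())
SAMPLE = """\
# constructed Active Directory style settings with deliberate mistakes
com.jiglu.ldap.enabled=true
com.jiglu.ldap.providerUrl=ldap://dc01.example.test:389
com.jiglu.ldap.readerUser.dn=CN=jiglu-reader,OU=Service,DC=example,DC=test
com.jiglu.ldap.userBase=OU=Staff,DC=example,DC=test
com.jiglu.ldap.userClassName=User
com.jiglu.ldap.userFieldName.username=uid
"""

def parse_properties(text):
    """Parse simple key=value lines, skipping blanks and # or ! comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def check_ldap(props):
    """Return a list of findings for the LDAP settings."""
    get = lambda name: props.get(PREFIX + name, "")
    if get("enabled").lower() != "true":  # assumption: the flag is true/false
        return ["disabled: the other LDAP properties are not used"]
    findings = ["missing: " + PREFIX + n for n in REQUIRED if not get(n)]
    cls, user = get("userClassName"), get("userFieldName.username")
    for name, value in (("userClassName", cls), ("userFieldName.username", user)):
        for good in CANONICAL:
            if value != good and value.lower() == good.lower():
                findings.append(f"case: {name}={value} should be {good}")
    usual = {k.lower(): v for k, v in PAIRS.items()}.get(cls.lower())
    if usual and user and user.lower() != usual.lower():
        findings.append(f"mismatch: class {cls} usually pairs with {usual}")
    if get("providerUrl").lower().startswith("ldap://"):
        findings.append("cleartext: ldap:// alone does not encrypt the reader bind")
    return findings
if __name__ == "__main__":
    print("\n".join(check_ldap(parse_properties(SAMPLE))))
```

The pairing check is a warning only, since the page describes those field names as usual rather than required.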

Written by Stephen Hebditch. Published on .
1.0.0
How to configure Jiglu to use LDAP for authentication.