You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Aspire LDAP Connection
Description:Provides methods to bind/authenticate and search over a LDAP server. If used as a pipeline stage, gets group information of a given user from a LDAP server.
Inputs:<username> containing the user name and with @dn attribute set to the user Distinguished Name (values normally provided by Aspire LDAP Proxy component).
Outputs:<groups> element containing the group names to which the given user is member of.

Includes nested groups. Groups are in the format:

<group source="ldap">groupName</group>

If the groups element was present, group names are appended to it.

Factory:aspire-ldap
Sub Type:default
Object Type:AspireObject

Description

This component will handle all the communication with the customer's LDAP server using Java API.

Configuration

ElementAspire versionTypeDefaultDescription
host string LDAP server host address. Example: ldap//10.10.44.82:389.
authentication string Authentication type used for any LDAP request. Options are 'none', 'simple' and 'DIGEST-MD5'.
adminUser int Username used to authenticate against the given LDAP server. If 'none' authentication type was selected, you can ignore this.
adminPassword string Password used to authenticate against the given LDAP server. If 'none' authentication type was selected, you can ignore this.
searchBase string Base for directory searches. Normally this is the domain of the LDAP server.

 

Example Configurations

<!-- This component will handle all the communication with the customer's LDAP server. If used as pipeline stage, will use Java API to do user group expansion -->
<component name="LdapConnector" subType="default" factoryName="aspire-ldap">
	<config>
		<!-- Path to the customer LDAP server -->
		<host>ldap://10.10.44.82:389</host>
		<!-- Authentication type.  Options are 'none', 'simple' and 'DIGEST-MD5' -->
		<authentication>simple</authentication>
		<!-- Default user credentials. Used when no other user was specified. -->
		<adminUser>contoso\carolt</adminUser>
		<adminPassword>pass@word1</adminPassword>
		<!-- Search base. Normally this is the distinguished name of the customers domain. -->
		<searchBase>dc=contoso, dc=com</searchBase>
	</config>
</component>
  • No labels