"LdapSecurityBroker" Element

The Ldap Security Broker makes it possible to use the user and group information maintained by an Ldap provider. This way you can secure your web application without having to create and maintain a user database.

On the other hand, the Ldap Security Broker can use its embedded Reldb Security Broker to establish a hybrid system, in which users and roles can exist on both systems. Very special solutions can also be developed by customizing the bsp file of the Reldb Broker.

Element Properties

Root User Name

Defines which of the users in the system is the root user.

Admin Role Name

Defines which of the roles in the system is the system administrator.

Initial Context Factory

The name of the Java class that is responsible for establishing the connection with the LDAP provider.

Provider URL

The URL at which the LDAP provider is accessible.

Security Authentication

The security authentication method. Valid values are "simple", "GSSAPI" and "DIGEST-MD5".

Security Protocol

The security protocol to be used when communicating with the LDAP provider.

User Name

The name of an authorized user existing on the LDAP system.

Password

The password of the Ldap user.

Search Base

The definition of the domain where the search will be performed.

Login

User Login Filter

The Ldap filter that is used to test if the specified user exists in the system during the login.

Attribute Selection

Groups Of User Filter

User Search Filter

The Ldap filter that is used to search users by username, full name or email.

Group Search Filter

The Ldap filter that is used to locate the specified group or to search user groups.
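
The login, user search and group search filters are filled in with text that a user types, so characters that have a meaning in LDAP filter syntax have to be escaped (RFC 4515) before the value is placed in the filter. The class below is an added example, not the product's own code; the `{0}` placeholder, the filter pattern and the attribute names are assumptions made for illustration.

```java
public class LdapFilterValueDemo {

    // Escape a value for use inside an LDAP filter (RFC 4515, section 3):
    // NUL, '(', ')', '*' and '\' are written as a backslash plus two hex digits.
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\': out.append("\\5c"); break;
                case '*':  out.append("\\2a"); break;
                case '(':  out.append("\\28"); break;
                case ')':  out.append("\\29"); break;
                case '\0': out.append("\\00"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Fill a filter pattern with one user-supplied value.
    // The "{0}" placeholder is hypothetical; use whatever the broker expects.
    static String buildFilter(String pattern, String userInput) {
        if (userInput == null || userInput.trim().isEmpty()) {
            throw new IllegalArgumentException("empty user name");
        }
        return pattern.replace("{0}", escapeFilterValue(userInput.trim()));
    }

    public static void main(String[] args) {
        // Constructed pattern and inputs, for illustration only.
        String loginFilter = "(&(objectClass=person)(uid={0}))";
        String[] typed = { "j.smith", "a*", "Smith (Ops)\\QA" };
        for (String name : typed) {
            System.out.println("typed:     " + name);
            System.out.println("unescaped: " + loginFilter.replace("{0}", name));
            System.out.println("escaped:   " + buildFilter(loginFilter, name));
        }
    }
}
```

Without escaping, the second input turns the login test into a wildcard match and the third produces a malformed filter; with escaping, each is compared as a literal value.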

Reldb Broker

Optionally, a Reldb Broker can be defined if hybrid use is necessary. The Reldb Broker becomes functional only if the "RelDB Connection Name" property is assigned a value.

RelDB Connection Name

The name of the connection that is defined by a "mor > RelDB > RelDBConnection" element.

SQL Pattern File

Usually, special bsp files are required for hybrid use. In these bsp files, to set up relations with the records obtained from the Ldap, always use VARCHAR fields directly (e.g. USER_NAME, ROLE_NAME) instead of record Ids such as USER_ID, ROLE_ID.

Schema

Required for some database systems (e.g. Oracle).

Table Space

Required for some database systems (e.g. Oracle).

Debug

To trace the execution of the security broker on the system console, enter a value between 1 and 3.