Overview of LDAP Beans

The sample-applicationContext-externalAuth-LDAP[-mt].xml file contains the beans needed to enable and perform LDAP authentication. This section summarizes the most important beans in this file, including the beans you need to modify to configure JasperReports Server to work with your external database.

proxyAuthenticationProcessingFilter, proxyAuthenticationSOAPProcessingFilter, and proxyAuthenticationRestProcessingFilter: Beans which enable external authentication for direct access, SOAP, and REST, respectively. When one or more of these proxy bean definitions are present in the application context, that is, when they appear in an applicationContext-<customName>.xml file in the <js‑webapp>/WEB-INF directory, the Spring Security filter chain processes the authentication via the proxy definitions instead of the default internal filter. You do not need to configure these beans.
ldapAuthenticationManager: Lists the available authentication providers. The providers in the list are invoked in the order they appear in the configuration file until one of them authenticates the user. When one of the providers successfully authenticates the user, the rest of the providers are skipped. The final provider in the list, ${bean.daoAuthenticationProvider} authenticates against the jasperserver internal database. You can customize authentication by adding more providers to this bean.
ldapContextSource – Helper bean that defines the LDAP server used by the ldapAuthenticationProvider bean. Configure your LDAP connection using this bean, as described in Setting the LDAP Connection Parameters.
ldapAuthenticationProvider: Custom authentication provider for LDAP. This bean has two inline sub-beans:
     BindAuthenticator – Configure this bean and its sub-bean userSearch to specify the rules for finding user entries in your LDAP directory, as described in Performing LDAP User Search.
     DefaultLdapAuthoritiesPopulator – Configure this bean to specify the location of group definitions in LDAP, how to find the groups to which the user belongs, and any transformation of group names in LDAP to role names in JasperReports Server, as described in Mapping the User Roles.
externalDataSynchronizer – Bean whose class creates a mirror image of the external user in the internal jasperserver database. The sample includes the following processors:
     ldapExternalTenantProcessor (commercial editions only) – Bean which maps externally defined tenants to JasperReports Server organizations. For single-organization JasperReports Server deployments, configure this bean to specify the default organization, as described in Mapping to a Single Organization. For multi-organization JasperReports Server deployments, configure this bean to specify the mapping between LDAP RDNs and JasperReports Server organizations, as described in Mapping to Multiple Organizations.
     mtExternalUserSetupProcessor – Bean which creates and configures the internal user corresponding to a successfully authenticated external user. Configure this bean to specify the default internal role given to the external users in JasperReports Server and to map external LDAP roles to internal JasperReports Server roles if desired, as described in Mapping Roles to System Roles.

The following figure shows the beans used in LDAP authentication:

LDAP Beans