Use the userSearch bean to find users if they do not match a simple pattern. In particular, if you are authenticating users for one or more organizations, it is likely that user entries are in multiple branches of your directory.
To perform a search to locate user entries, locate the helper bean userSearch in sample-applicationContext-externalAuth-LDAP[-mt].xml and specify the following information:
• | An optional branch RDN where user entries are located. If not specified, the search includes your entire LDAP directory starting from the base DN of the LDAP URL specified in Setting the LDAP Connection Parameters. |
• | Whether or not the search should extend to all subtrees beneath the branch DN or, when no branch DN is specified, beneath the base DN. |
When you enter a location for user search, make sure to use only the relative DN. Do not include the base DN that you set up when creating the LDAP connection parameters. |
The following example shows the syntax of the bean’s constructor and property:
<bean id="userSearch" class="com.jaspersoft.jasperserver.api.security. externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch"> <constructor-arg index="0"><value>ou=users</value></constructor-arg> <constructor-arg index="1"><value>(uid={0})</value></constructor-arg> <constructor-arg index="2"><ref local="ldapContextSource" /></constructor-arg> <property name="searchSubtree"><value>true</value></property></bean>[/code] |
The combination of these three parameters lets you optimize the search for your user entries and reduce the load on your LDAP directory. For example, if your users are located in a dedicated branch of your LDAP structure, specify it in the first constructor argument to avoid searching the entire tree.
Recommended Comments
There are no comments to display.