Specifying userDnPatterns Parameters

Specifying userDnPatterns Parameters

If you have a fixed structure of user entries and the login name of the user appears in the RDN of your user entries, you can configure the JSBindAuthenticator bean with patterns to match them. The patterns are not included in the sample file, but can easily be added:

1. In sample-applicationContext-externalAuth-LDAP[-mt].xml, locate the ldapAuthenticationProvider bean. The unnamed bean of class JSBindAuthenticator is the first constructor argument.
2. Add the userDnPatterns property in JSBindAuthenticator.
3. Configure one or more patterns for matching the RDNs of user entries. For each value in the list, the server substitutes the login name entered by the user for the {0} placeholder, then creates a DN by appending the base DN from the LDAP URL. The LDAP URL is specified in Setting the LDAP Connection Parameters. JasperReports Server attempts to bind to the LDAP directory with the DN created with each pattern in the order they are given.

When you enter a pattern for RDN matching, make sure to use only the relative DN. Do not include the base DN that you set up when creating the LDAP connection parameters.

In the example below, JasperReports Server looks for a user whose given login name appears in the uid attribute of the RDN in the ou=users branch of the LDAP directory:

<bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.
    <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.
      <constructor-arg><ref bean="ldapContextSource"/></constructor-arg>
      <property name="userDnPatterns">

Notice that the domain name value only specifies ou=users. This is combined with the base DN defined by the external.ldapUrl property in the default_master.properties file or the constructor-arg value in the ldapContextSource bean to create the full DN.