PAS for OpenEdge includes advanced configurations for LDAP authentication that can be used if the basic LDAP configuration is not adequate. To implement advanced LDAP authentication, you remove or comment out the XML elements described in Basic LDAP configuration. They are replaced by a set of six Spring beans that are inserted in either the oeablSecurity-basic-ldap.xml or the oeablSecurity-form-ldap.xml configuration file (the file you use depends on which authentication protocol is required for your web application).

The advanced configuration uses all of the same information you gathered from the LDAP Directory Service administrator, only the property names and their location differ. Also, there are additional configuration properties that you may set to correct certain behaviors exhibited by the Directory Service.

Another difference between the basic and the advanced LDAP configurations lies in the way the XML parser that interprets the configuration file. In a basic configuration, the XML parser creates and sets defaults for Spring beans that are hidden. In advanced configurations, all of the Spring beans must be explicitly declared in order to expose the full set of configuration properties.

When explicitly declaring the advanced LDAP Spring beans in the XML file, the XML parser uses Java reflection to create class instances and set the instance’s properties. Each Spring bean declaration starts with a <b:bean> element with attributes for its ID (reference name used by other beans) and the full Java class name. For any <b:bean> declaration, you can optionally supply class constructor arguments and class property values by name. For example: