skip to main content
Pacific Application Server for OpenEdge: Administration Guide
Web application security configurations : LDAP security configurations
 

LDAP security configurations

The Lightweight Directory Access Protocol (LDAP) is a protocol for authenticating user credentials that are stored on an LDAP-compliant server. If you are not familiar with LDAP implementation and user account management, refer to LDAP administration documentation online.
If you choose one of the LDAP security models supported in PAS for OpenEdge (oeablSecurity-form-ldap.xml or oeablSecurity-basic-ldap.xml), you must update the settings shown in the following table:
Table 19. LDAP security configuration settings
Find
Update
<ldap-server id="PrimayLDAP"
 url="ldap://enter_hostname:389/root_dn_here"
 manager-dn="uid=admin,ou=system"
 manager-password="admin" />
The LDAP server's alias, URL, and the distinguished name (dn) and password of an LDAP account that has search and read access.
<authentication-manager
id="RestApplicationtAuth" >
<ldap-authentication-provider
server-ref="PrimayLDAP"
group-role-attribute="cn"
role-prefix="ROLE_"
group-search-filter="(member={0})"
group-search-base=""
user-search-base=""
user-search-filter="(uid={0})" />
</authentication-manager>
All the properties of the LDAP authentication manager based on the design and implementation of your directory services
Note: The LDAP UserDetails implementation in Spring Security automatically updates role names. Ensure that role names are upper case since searches are case sensitive.
After configuring the LDAP model for your Web application, you can implement CORS support.