Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Contextless LDAP authentication

eron123
Champ in-the-making
Champ in-the-making

‎06-29-2006 12:39 PM

Hi team,

  We have Alfresco 1.2.1 running and authenticating using simple bind to an LDAP directory (eDirectory, which conforms to OpenLDAP).  We would like to configure Alfresco to login without context.  As the users are in different containers, we can not use a string like the following:

'cn=%s,o=alfresco'

We have also tried configuring MD5 Digest, but this did not solve the problem either.

How can Alfresco be configured for contextless login?

Thanks.
Labels:
0 Kudos
3 REPLIES 3

andy
Champ on-the-rise
Champ on-the-rise

‎06-30-2006 03:53 AM

Hi

I am not sure exactly what the issue is here….

You could use chainging authentication. This allows an ordered list of authentication services to be specified. You could have multiple LDAP repos or multiple branch locations for users in the same LDAP repo. You can use abstract spring beans for the common configuration.

Digest MD5 should solve the problem. What was the issue here?

Regards

Andy
0 Kudos

eron123
Champ in-the-making
Champ in-the-making

‎06-30-2006 11:51 PM

Andy,

  We want to have a user log in with just thier uid (in eDirectory, this is the CN attribute).  This means the alfresco login module should search the tree for the user with that name to authenticate to.  Since users are in various containers in the tree, we can not hard-code a container like in the example. 

  The users don't know their full DN, and forcing them to enter it is not desirable anyway.

  What are the options for solving this?  Should the MD5 Digest solution take care of this?
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎07-03-2006 06:51 AM

Hi

It sounds like the best thing is to configure chaining authentication to use an LDAP authentication service against the same repo for each path where you have users. They can then use the cn to login.

MD5 authentication would still have to be able to find users - but it would involve a search based on uid attribue to find the user and therefore get the password. The search would not need to be restricted by path and is done on the ldap server. Your users would have to type in the uid. The wiki contains information on how to set up md5 authentication for open ldap.

Regards

Andy
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC