Name
LDAP Authenticator
Description
Queries an LDAP server using provided user credentials. Authentication failures result in an error. Successful authentication removes the password field and continues to the following component.
Credentials used are:
- User identifier from the "user_id" parameter
- Password from the "password" parameter
Fields
Host spec: URI for the LDAP server
Base filter string: A filter string used as the query. The user id can be referenced by placing "#USER_ID" in the filterstr. See example below.
Bind DN: Distinguished name used for binding to the LDAP server.
Bind password: Password used for initial bind.
Base DN: Distinguished name at which to start the search.
Examples
An LDAP authenticator with the fields:
- Base filter string: (&(objectclass=person)(CN=#USER_ID))
and POST parameters:
- user_id = jane_doe
will perform a lookup using a constructed filter string of (&(objectclass=person)(CN=jane_doe)).
Errors
Errors will occur in the following cases:
- The user_id or password parameters are not present
- Binding to the LDAP server failed
- More than one user with the given user_id was found
- The user id/password combination was incorrect
0 Comments