Hi to all,
I have ldap users in OpenLDAP. I want to add those users to Compiere and authentication to be done in Compiere via ldap. I have searched through the web but I'm not able to get any documentation for that.
Please let me know where the documentation is or, if possible, please give me some instructions on how to do that.
Thanks & regards
i strongly believe that the LDAP Authentication thingy is a future feature ;)
May someone else knows better.
Best regards Johannes
Sorry, I have been tied up with many projects and forgot about this until just now..
Anyway, if you are still interested, this will get you only username/password functionality..
Enabling LDAP Functionality:
1. Log in as SysAdmin
2. Go to Menu>System Admin>System
3. In Field "Ldap URL" fill in your LDAP URL, i.e. "LDAP://YourLdapServer.com"
4. In field "LDAP Domain" Your Domain, i.e., "YourLdapServer.com"
5. Log Out as SysAdmin
6. Log In as SuperUser/Admin
7. GoTo Menu>General Rules>Security>User
8. In tab "User Contact" and "Internal" you will find a field for LDAP User Name -- Here (for a particular user) fill in the LDAP use name.
Upon logging in -- the user can enter his/her LDAP user name and password and it will associate the correct credentials to the user you have set up in Compiere.
I am currently using LDAP but on a Windows 2000/2003 platform. However, I am not familiar with OpenLDAP.
The LDAP funtionality is very minimal and only allows for usrnames and password to be passed. Other information, like email, is not currently accessible thru LDAP.
If you are interested I can get you the specifics on my installation.
GG, if you can provide the specifics will be great.
Sorry, for the late reply..
I am rather tied up today, and it's been quite a few months since I set this up. But, I should be able to get this on here within the next day or so..
I hope that this is ok. I know that when Ifirst started here I received very few answers to questions. But, I will get it here..
Thanks for imm reply. Pls send installation specifics for Compiere LDAP on a Windows 2000/2003 platform. I am eagarly waiting for that...
Thanks & Regards
We needed more than just LDAP authentication, in that we also needed to extract some of the other LDAP fields (e.g., email address, phone number, etc.).
So for logging in to the Compiere client we modified the code of the "protected KeyNamePair getRoles (String app_user, String app_pwd, boolean force)" method in Login.java to call our organization's LDAP authentication class for all users except "System" and "SuperUser". For the latter we continued authenticating using the Compiere way.
For our webstore interface, we call this same LDAP authentication class from our Struts login form class's validate() method.
When authenticating against LDAP, not always all users are in the same sub-tree of ldap, so it is necesary to support authentication against multiple branches of ldap.
For example, there can be users who can authenticate using the cn=%s,ou=myCity,ou=myState,o=myCompany but others can authenticate using the cn=%s,ou=ANOTHERCity,ou=myState,o=myCompany