Menu

Authenticators

Ulf Dittmer

Authentication type

First, we must define ''authentication.type'' to ''default'':

//  Defines the authentication method to default
authentication.type = default

LoginAuthenticator implementation

then, it makes necessary to set which class should handle the authentication procedure. The class must implements the interface net.jforum.sso.LoginAuthenticator. The default implementatin, that uses the table ''jforum_users'', isnet.jforum.sso.DefaultLoginAuthenticator:

login.authenticator = net.jforum.sso.DefaultLoginAuthenticator

LDAP

To use LDAP as authentication engine, set the value to net.jforum.sso.LDAPAuthenticator*:

login.authenticator = net.jforum.sso.LDAPAuthenticator

Careful: The implementation must implement the interface ''net.jforum.sso.LoginAuthenticator'', otherwise you'll get runtime errors when trying to use JForum

Enable / disable automatic login

By default, users are allowed to choose for automatic logins when they back to the forum. This is done by setting a Cookie in the user's computer. Optionally, the board's administrator may choose to not allow users to use this functionality. This is done by configuring the key ''auto.login.enabled'', as shown below:

// Let users to choose "Log me on automatically on each visit"
auto.login.enabled = true

LDAP in JForum is fairly easy to setup. First, make sure you have read the [LoginAuthenticationIntegration] section. All LDAP configuration is also set in the file SystemGlobals.properties.

LDAP configuration options

Property name Description Default value
ldap.security.protocol Security protocol to use, like "ssl" Empty. Leave it empty to let the provider figure out which mechanism to use
ldap.authentication Security authentication to use. Empty. Possible values: "none", "simple", "strong". Leave it empty (the default) to let the provider figure it out
ldap.factory Which factory to use. Implementations are dependant of VM vendor ''com.sun.jndi.ldap.LdapCtxFactory'', used for Sun Microsystem's VMs
ldap.login.prefix The prefix your LDAP server requires for the user portion. The username supplied gets inserted just after the prefix - e.g: 'uid=<username>' so adjust the prefix properly</username> ''uid=''
ldap.login.suffix The suffix your LDAP server requires. ''ou=Users,dc=department,dc=company,dc=com''
ldap.server.url The url of your LDAP server. Notice that if your LDAP server uses SSL you will need to configure your server certificate so that Java Secure Sockets Extension (JSSE) will accept it. Read http://java.sun.com/products/jndi/tutorial/ldap/security/ssl.html ''ldap://localhost''
ldap.field.email Field that holds the user's email ''mail''

Active Directory

To configure ''LDAPAuthenticator'' integrating with Microsoft Active Directory. The following two keys should be necessary.
They are similar to ''ldap.login.prefix'' and ''ldap.login.suffix'', but it's used when looking up user infomation rather than authentication. It's used when the login Distinguished Name (''DN'') is formatted differently from the lookup DN on some LDAP servers, for example, Microsoft Active Directory.

If it's the case, you should add these keys in additional to ''ldap.login.prefix'' and ''ldap.login.suffix''.

The following example is for configuring on Microsoft Active Directory:

ldap.login.prefix=CN=
ldap.login.suffix=CN=Users,DC=jform,DC=net
ldap.lookup.suffix=CN=Users

Special thanks to Francisco Javier Arosemena


Related

Wiki: LoginAuthenticationIntegration

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.