In many cases, users and authentication information for an organization is defined in an existing LDAP Directory. You can configure MashZone NextGen to use your LDAP Directory as the source for user and group information.
See the System Requirements for Software AG Products guide for information on MashZone NextGen support for specific LDAP Directory solutions.
Procedure
This folder may be in the default location or in an external location. See Setting Up an External MashZone NextGen Configuration Folder for more information.
You cannot use both default authentication and LDAP authentication.
The configuration should look something like this:
<beans> <!-- Choose between the interal JDBC repository and LDAP comment/uncomment these two import statements --> <import resource="/userRepositoryApplicationContext-ldap.xml"> <!-- <import resource="/userRepositoryApplicationContext-jdbc.xml"> --> ... </beans>
This folder may be in the default location or in an external location. See Setting Up an External MashZone NextGen Configuration Folder for more information.
<bean id="userAttributeProvider" > ...
The configuration should now look something like this:
<bean id="userAttributeProvider" > <property name="providers"> <list> <ref bean="ldapAttributeProvider"/> <ref bean="internalUserAttributeProvider"/> </list> </property> </bean>
Do not restart the MashZone NextGen Server until all other LDAP configuration steps have been completed.
Connections to the LDAP Directory. See Defining LDAP Connection Configuration.
Authentication mechanisms. See Defining the Authentication Scheme.
Authorization mechanisms. See Defining the Authorization Scheme.
All user and group queries used in MashZone NextGen applications. See Enabling MashZone NextGen Application Queries for All LDAP Users or Groups for Permissions.
See Grant User Access to MashZone NextGen with Built-in Groups for instructions.
MashZone NextGen now uses LDAP as the user repository. You can now login using the user account assigned in earlier steps as a MashZone NextGen administrator.
To grant access to other users, add them to an appropriate built-in MashZone NextGen user group in LDAP. See Grant User Access to MashZone NextGen with Built-in Groups for instructions.