Universal Messaging 10.3 | Concepts | Security | Authentication | Using SASL | Server-side Authentication | Directory Backend | LDAP
 
LDAP
If the Nirvana.directory.provider system property is set to com.pcbsys.foundation.security.auth.fLDAPAdapter, then LDAP will be used as the source of user information.
Interaction with the LDAP server is configured via the following Java system properties:
*Nirvana.ldap.provider: The LDAP client class - defaults to the JDK's built-in provider, com.sun.jndi.ldap.LdapCtxFactory
*Nirvana.ldap.url : The address of the LDAP server. This has no default and must be specified, using syntax such as ldap://localhost:389/dc=sag,dc=com
*Nirvana.ldap.suffix : The suffix to apply to LDAP queries. This has no default and may be null, but if non-null it qualifies the URL above. Eg. Nirvana.ldap.url=ldap://localhost:389/dc=sag and Nirvana.ldap.suffix=dc=com will result in the same effective query root as Nirvana.ldap.suffix=ldap://localhost:389/dc=sag,dc=com when the Nirvana.ldap.suffix property is not set.
*Nirvana.ldap.rootcreds: The privileged-admin login credentials to use on the LDAP server, in order to perform user queries. There is no default and if not set it means there is no need to specify any such credentials, but if present the format must be username:password.
The remaining system properties relate to the LDAP schema and default to the standard COSINE schema:
*Nirvana.ldap.attribute.username: This specifies the LDAP attribute which represents the username, and defaults to the standard schema convention of "cn".
*Nirvana.ldap.attribute.password: This specifies the LDAP attribute which represents the password, and defaults to the standard schema convention of "userPassword".
*Nirvana.ldap.search.username: This specifies the search expression to use for a given username, and defaults to cn=%U%, where %U% gets substituted by the username.