LDAPUserRegistry

Configuration to use when users and groups are defined in an LDAP directory service.

Inherits from type UserRegistry and adds the following.


 

Attributes Summary

type             The type of LDAP server to which to connect.
sslEnabled       Whether to enable Secure Socket Layer (SSL) communications between the appserver security component and your LDAP directory service.
sslConfig        Specifies the Secure Socket Layer config to use for the LDAP connection.
baseDN           Specifies the base distinguished name of the directory service, indicating the starting point for LDAP searches of the directory service.
bindDN           Specifies the distinguished name for appserver to use to bind to the directory service.
bindPassword     Specifies the password for the appserver to use to bind to the directory service.
searchTimeout    Specifies the timeout value in seconds for an LDAP server to respond before aborting a request.
monitorInterval  Specifies the interval, in minutes, at which to check that the LDAP server(s) are alive.
reuseConnection  Should be set to true by default to reuse the LDAP connection.
searchFilter     Settings for performing searches of the LDAP user registry.
hosts            Specifies one or more LDAP server host names and ports.

 

Attribute Details


type

The type of LDAP server to which to connect.

Data type:  LDAPDirectoryType
Default value:   unspecified
Allowed Values:  IBM_DIRECTORY_SERVER   SECUREWAY   IPLANET   NETSCAPE   DOMINO502   NDS   ACTIVE_DIRECTORY   CUSTOM  



sslEnabled

Whether to enable Secure Socket Layer (SSL) communications between the appserver security component and your LDAP directory service. When this setting is enabled, the LDAP SSL settings are used if they have been specified.

Data type:   Boolean
Default value:   unspecified



sslConfig

Specifies the Secure Socket Layer config to use for the LDAP connection.

Data type:   String
Default value:   unspecified



baseDN

Specifies the base distinguished name of the directory service, indicating the starting point for LDAP searches of the directory service. (See RFC 1779 for a discussion of this technique.) Some examples include uid=anyusername, ou=people, and o=ibm. This field is required unless the product will be using a Domino directory service, in which case the administrator can leave the field blank to bind anonymously. The host name, port, and base DN you specify are combined to form an LDAP URL, such as ldap://myserver:1234/o=ibm, where myserver:1234 is the host name and optional port number for the directory service, and o=ibm is the base distinguished name.

Data type:   String
Default value:   unspecified



bindDN

Specifies the distinguished name for appserver to use to bind to the directory service. If no name is specified, the appserver binds anonymously. See the Base DN field description for examples of distinguished names.

Data type:   String
Default value:   unspecified



bindPassword

Specifies the password for the appserver to use to bind to the directory service.

Data type:   String
Default value:   unspecified



searchTimeout

Specifies the timeout value in seconds for an LDAP server to respond before aborting a request.

Data type:   Long
Default value:   unspecified



monitorInterval

Specifies the interval, in minutes, at which to check that the LDAP server(s) are alive.

Data type:   Long
Default value:   unspecified



reuseConnection

Should be set to true by default to reuse the LDAP connection. Set to false only in rare situations where a router is used to spray requests to multiple LDAP servers and when the router does not support affinity.

Data type:   Boolean
Default value:   unspecified



searchFilter

Settings for performing searches of the LDAP user registry.

Data type:  LDAPSearchFilter



hosts

Specifies one or more LDAP server host names and ports.

Data type:  EndPoint
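
The sslEnabled, sslConfig, bindDN, bindPassword, baseDN and hosts descriptions above imply a few checks worth running on a registry definition before it is deployed. The following is an added example, not code from the product or from this reference: the dict layout, the "host" and "port" keys for each EndPoint, the mapping of "Domino directory service" to type DOMINO502, and all sample values are assumptions.

```python
# Added example: lint an LDAPUserRegistry attribute set before deployment.
# The dict layout and the "host"/"port" keys of each EndPoint are assumptions.

def ldap_urls(reg):
    """Combine each host, optional port and baseDN into the LDAP URL form shown under baseDN."""
    urls = []
    for ep in reg.get("hosts", []):
        authority = f"{ep['host']}:{ep['port']}" if ep.get("port") else ep["host"]
        urls.append(f"ldap://{authority}/{reg.get('baseDN', '')}")
    return urls

def audit(reg):
    """Return a list of findings; an empty list means none of the checks fired."""
    findings = []
    if reg.get("sslEnabled") is not True:
        findings.append("sslEnabled is not true: the bind and searches are not protected by SSL")
    elif not reg.get("sslConfig"):
        findings.append("sslEnabled is true but sslConfig is unspecified")
    if not reg.get("bindDN"):
        findings.append("bindDN is empty: appserver binds anonymously")
    elif not reg.get("bindPassword"):
        findings.append("bindDN is set but bindPassword is empty")
    # Assumption: a Domino directory service is the one configured as type DOMINO502.
    if not reg.get("baseDN") and reg.get("type") != "DOMINO502":
        findings.append("baseDN is empty but the directory type is not Domino")
    if not reg.get("hosts"):
        findings.append("hosts is empty: no LDAP server to connect to")
    return findings

# Constructed sample values, not taken from a real deployment.
WEAK = {"type": "IBM_DIRECTORY_SERVER", "sslEnabled": False, "baseDN": "o=ibm",
        "bindDN": "", "hosts": [{"host": "myserver", "port": 1234}]}
HARDENED = dict(WEAK, sslEnabled=True, sslConfig="ldapSSLSettings",
                bindDN="uid=appbind,ou=people,o=ibm", bindPassword="<from-secret-store>")

if __name__ == "__main__":
    for name, reg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, ldap_urls(reg))
        for finding in audit(reg):
            print("  -", finding)
```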