Liferay LDAP integration

In this tutorial, we will look into  Liferay LDAP Integration and user import process.

LDAP Installation :

LDAP setup has explained in this tutorial with OpenDJ.  Click here to see this tutorial before going through this.

LDAP can be integrated in two ways:

  1.  control panel: In the control panel section, navigate to Portal Settings ->Authentication.
    • In Authentication section, click on LDAP
    • Click on LDAP enable and provide all necessary propertis
Liferay LDAP Integration

Liferay LDAP Integration

2. portlet-ext properties

  • It is always recommended approach to integrate through ext properties.
  • Suppose we have configured LDAP as shown below in OpenDJ
Open DJ LDAP

Open DJ LDAP

 LDAP Server Configuration and Search directory

ldap.base.provider.url.0=ldap://localhost:389
 ldap.base.dn.0=ou=People,dc=jntu,dc=com
 ldap.security.principal.0=uid=admin,ou=People,dc=jntu,dc=com
 ldap.security.credentials.0=secret

We can set authentication method as bind or password-compare

ldap.auth.method=bind
ldap.auth.method=password-compare
ldap.auth.search.filter=(mail=@email_address@)

LDAP Import configuration:

ldap.import.enabled=true
 ldap.import.on.startup=false
 ldap.import.interval=10
 ldap.import.user.search.filter=(objectClass=inetOrgPerson)
 ldap.import.group.search.filter=(objectClass=groupOfUniqueNames)
 ldap.import.method=user

LDAP password configuration:

Set this to true to use LDAP’s password policy instead of the portal password policy.

ldap.password.policy.enabled=false

Set this to false when the LDAP user’s password should not be imported to the Liferay user.

    ldap.import.user.password.enabled=true

Set this to true to autogenerate passwords for users imported from LDAP.

    ldap.import.user.password.autogenerated=false

LDAP Connection Pool:

below are the properties are used to LDAP connection:

  • enable LDAP connection pooling by setting “ldap.connection.com.sun.jndi.ldap.connect.pool” to true and provide additional JVM system properties in  JVM start-up options via:
     java ... -Dcom.sun.jndi.ldap.connect.pool.maxsize=50 -Dcom.sun.jndi.ldap.connect.pool.timeout=10000

Defaults:

    ldap.connection.com.sun.jndi.ldap.connect.pool=true
    ldap.connection.com.sun.jndi.ldap.connect.timeout=500
    ldap.connection.com.sun.jndi.ldap.read.timeout=15000

Leave a Comment

Your email address will not be published. Required fields are marked *