How do I connect Academus to an LDAP?
{InstallDirectory}/unicon/Academus/portal-tomcat-a/webapps/portal/WEB-INF/classes/properties
The following modifications need to be made:
1) ldap.properties
A template of this file has been included below. Modifications need to be made according to your internal LDAP configuration:
# ldap.properties
#
##### LDAP directory connection properties
# Check with your LDAP directory server administrator for the
# appropriate information.
# host name or IP address
ldap.host=ldap.unicon.net
# Default port for LDAP is 389
ldap.port=389
# enable SSL encryption to protect passwords (disabled by default)
#ldap.protocol=ssl
# Directory context to search for users via their uid.
ldap.baseDN=CN=Users, DC=unicon, DC=net
# Attribute used to search for user. Typically, the netID.
ldap.uidAttribute=uid
# You can leave these blank unless your directory server doesn't
# permit anonymous binds.
ldap.managerDN=CN=Admin, DC=unicon, DC=net
ldap.managerPW=secret
# eof: ldap.properties
You can leave the managerDN and managerPW fields blank for an anonymous bind.
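The following is an added example, not part of Academus or the original page: a Python audit of an ldap.properties file like the template above, flagging the settings that expose the manager password. The function names, the 636 port hint and the POSIX permission check are assumptions of this example.

```python
import os
import stat

def parse_properties(text):
    """Parse simple key=value properties text (no line continuations) into a dict."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment, e.g. the disabled "#ldap.protocol=ssl"
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def audit_ldap_properties(text, path=None):
    """Return a list of findings; pass path to also check POSIX file permissions."""
    props = parse_properties(text)
    findings = []
    uses_ssl = props.get("ldap.protocol", "").lower() == "ssl"
    has_manager = bool(props.get("ldap.managerDN")) and bool(props.get("ldap.managerPW"))
    if not uses_ssl:
        findings.append("ldap.protocol is not ssl: bind passwords cross the network unencrypted")
    if uses_ssl and props.get("ldap.port") == "389":
        findings.append("ldap.protocol=ssl with port 389: LDAP over SSL normally listens on 636")
    if not has_manager:
        findings.append("managerDN/managerPW blank: the directory must permit anonymous binds")
    if has_manager and path is not None:
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append("file holds managerPW and is readable by group/other (mode %o)" % mode)
    return findings

# Constructed sample: the template values shown on this page.
SAMPLE = """\
ldap.host=ldap.unicon.net
ldap.port=389
#ldap.protocol=ssl
ldap.baseDN=CN=Users, DC=unicon, DC=net
ldap.uidAttribute=uid
ldap.managerDN=CN=Admin, DC=unicon, DC=net
ldap.managerPW=secret
"""

if __name__ == "__main__":
    for finding in audit_ldap_properties(SAMPLE):
        print("WARN:", finding)
```

The same manager DN and password also appear in rad.properties and PersonDirs.xml, so any file permission restriction applied to ldap.properties belongs on those files too.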
2) rad.properties
A template of this section of the file has been included below. Modifications need to be made according to your internal LDAP configuration:
campus.ldap.baseDN=CN=Users, DC=unicon, DC=net
campus.ldap.department=department
campus.ldap.email=mail
campus.ldap.host=ldap.unicon.net
campus.ldap.id=uid
campus.ldap.logon=uid
campus.ldap.managerDN=CN=Admin,DC=unicon,DC=net
campus.ldap.managerPW=secret
campus.ldap.name=cn
campus.ldap.port=389
campus.ldap.telephone=telephonenumber
campus.ldap.title=title
campus.ldap.uidAttribute=
3) security.properties
The security.properties file should be adjusted to include the LDAP security context factory. An example has been provided below:
root=org.jasig.portal.security.provider.UnionSecurityContextFactory
root.adcache=org.jasig.portal.security.provider.CacheJAASSecurityContextFactory
root.ldapcache=org.jasig.portal.security.provider.CacheLdapSecurityContextFactory
root.simplecache=org.jasig.portal.security.provider.CacheSimpleSecurityContextFactory
This example allows Academus to authenticate against the portal database, LDAP, and an Active Directory. Modify it to suit your needs.
4) PersonDirs.xml
A new entry must be added to PersonDirs.xml for the LDAP. A template has been provided below:
<PersonDirInfo>
<driver></driver>
<url>ldap://ldap.unicon.net:389</url>
<logonid>CN=Admin, DC=unicon, DC=net</logonid>
<logonpassword>secret</logonpassword>
<uidquery>(uid={0})</uidquery>
<searchquery>(~MATCH_ALL_OP~(uid={0}~WILDCARD_0~)(givenName={1}~WILDCARD_1~)(sn={2}~WILDCARD_2~)(mail={3}~WILDCARD_3~))</searchquery>
<searchquery2>(&~SEARCH_QUERY~(
