Contents

Popular

LDAP Policy can be used when the user needs to be authenticated and limit the access to protected resources to certain users. The policy is also designed for retrieving DN (Digital Number) metadata for use in API proxy flows.
For example, you can have an API call execute only when a user is successfully authenticated against LDAP; and then optionally retrieve DN attributes for the user after authentication succeeds.

Configuration

The properties that have to be configured to use the policy are described below.


Figure 1: LDAP Policy Configuration attributes (for Authentication policy type)

Property
Description
LDAP Connector ClassWhen using the LDAP Policy with a custom LDAP provider, specify the fully qualified LDAP connector class. That’s the class in which you implemented LDAPConnectionProvider interface. If it is set to default, built-in LDAP connector will be used.
LDAP ResourceSelect the LDAP resource. See Create an LDAP resource for more information.
LDAP Policy Type

The functionalities of LDAP Policy are:

  • Authentication: User Name and Password Authentication
  • Search and Authenticate: DN Attribute Authentication
  • Search: Searching LDAP

Policy configuration based on Policy Types are explained in a later section.

User Name

Username against which authentication is done.

Icon

This is applicable only for Authentication policy type.

PasswordPassword attached to the user name.
SearchQuery

Applicable for the following Policy Types:

  • Search and Authenticate - Search query to get the user name. 
  • Search - Search query to retrieve additional DN attributes.
BaseDN

The base level of LDAP under which all of your data exists.

LDAP Scope

LDAP scopes are:

  • Object: Authentication or search occurs only at the base level of LDAP.
  • Onelevel: Authentication or search occurs one level below the base level.
  • Subtree (default): Authentication or search occurs at the base level and fully recursively below the base.

Additional Attributes

Attributes that need to be retrieved on searching.

Icon

Additional Attributes are applicable only for Search policy type.

Refer Additional Attributes section for detailed information.

Icon

Edit  button against the Policies tab helps to rename the policy ID, that is, the policy name appearing under Policies.

Adaptavist ThemeBuilder EngineAtlassian Confluence