04 Authenticating Against LDAP

These instructions document how to configure uPortal itself to perform authentication against LDAP. It is also possible to configure the bundled CAS instance, or some other CAS server, to connect to LDAP instead of following this approach.

Add the ldap connection context to ldapContext.xml

<bean id="defaultLdapServer" class="org.jasig.portal.ldap.ContextSourceLdapServerImpl">
    <property name="ldapContextSource" ref="legacyLdapContext"/>
    <property name="uidAttribute" value="uid"/>
    <property name="baseDN" value="ou=People, dc=myuniv, dc=edu"/>
</bean>

<bean id="legacyLdapContext" class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="url" value="ldap://ldap.myuniv.edu:389"/>
    <property name="userName" value=""/>
    <property name="password" value=""/>
</bean>

Add the SimpleLdapSecurityContextFactory to security.properties

## This is the factory that supplies the concrete authentication class
root=org.jasig.portal.security.provider.UnionSecurityContextFactory
root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory
root.ldap=org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory

If you need to uPortal to cache user passwords, you may add the cache security context factory:

## This is the factory that supplies the concrete authentication class
root=org.jasig.portal.security.provider.UnionSecurityContextFactory
root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory
root.simple.cache=org.jasig.portal.security.provider.CacheSecurityContextFactory
root.ldap=org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory
root.ldap.cache=org.jasig.portal.security.provider.CacheSecurityContextFactory