LDAP Authentication

Copyright © 2000-2007 Liferay, Inc.

All Rights Reserved.No material may be reproduced electronically or in print without written

permission from Liferay, Inc.

Objectives

Authenticating with LDAP server

1. What is LDAP

2. LDAP in Action

3. How does it work with Liferay?

What is LDAP?

LDAP = Lightweight Directory Access Protocol

• An application protocol for querying and modifying directory services running over TCP/IP.

• A Directory Information Tree (DIT) is data represented in a hierarchical tree-like structure consisting of the Distinguished names (DNs) of the directory entries.

LDAP in Action

LDAP Browser Plugin in Eclipse• Using the Eclipse Install/Update Manager is

the easiest way to install the LDAP Studio Browser plug-in. From workbench menu choose Help → Software Updates → Find and Install... .

• In the opened wizard choose Search for new features to install and click Next.

• Next please specify the LDAP Studio update site. Click the New Remote Site... button. In the dialog input the following and press OK:

– Name: LDAP Studio Update Site– URL: http://directory.apache.org/ldapstudio/update/

LDAP in Action

LDAP Browser Plugin in Eclipse• Make sure the new update site is checked an

press Finish. • Now the install manager checks the update

site and presents the search results. Select the feature you want to install - of course the LDAP Studio Browser - and click Next.

• In the next dialog ensure that the LDAP Studio Browser feature is selected and click to Finish.

• Now the install manager loads the necessary files. When download is finished you have to verify the installation, please click to Install.

LDAP in Action

LDAP Perspective• Go to Window → Open Perspective → Other... and

select the LDAP perspective.• To create a new connection click the New Connection

button. – Check Network Parameter: connection name-”CIGNEX

DOCS”; hostname-”docs.cignex.com”; port-”10389”; Encryption method: ”no encryption”

– Check Authentication: select “Simple Authentication”; Bind DN or user: “uid=admin,ou=system”; Bind password: “secret”

• Click Finish when done. • The LDAP Browser view is on the top left. The

category DIT shows the hierarchical content of the directory. You may expand and collapse the tree.

LDAP in Action

LDAP Perspective

• Select user “janesmith” under “ou=users, ou=system”;

• Select user “janesmith”; View all attributes

• View user password “jane”; and others – “cn”, “sn”, “mail”, “given name”, etc.

• Now Integrate this LDAP server with Liferay

How does it work with Liferay

Log in as • “janesmith@liferay.com”• Password: “jane”Failed surely. Login as admin The login is test@liferay.com and the password is test. • click on the Users tab in the Admin portlet.• Click Authentication.• Click LDAP.• Check the Enabled box.• Input LDAP info as demo (next slide).• Select the Apache Directory Server and click Save.

How does it work with Liferay

How does it work with Liferay

Log out

Log in as • “janesmith@liferay.com”

• Password: “jane”

Got?

Q&A

Exercise

1. Create an account in LDAP for your self

2. Sign in with your account in Liferay

Possible steps

In LDAP perspective, select ou=users, ou=system.Right click, select New Entry. Check create entry from

scratch; ->nextSelect inetOrgPerson ->add ->nextInput cn in left side of “=” and your first name in right side of

“=”; ->nextInput your surname as value of ‘sn’Add new values:

giveNameO (organization)Mail (email address)userPassword (plain text)

Finish

Revision HistoryJonas Yuan 06/07/07 Created for Liferay 4.2.2