uPortal by JA-SIG

Integrating LDAP into uPortal

Many institutions have user and group information that is managed not by the portal but by one or more directory services, such as an LDAP server. Configuring uPortal to use an LDAP server is a multi-step process that involves editing several properties files. The properties files can be found in the properties subdirectory under the uPortal build directory (for example, uPortal_rel-2-1/properties).

  1. Configure security.properties

    Edit the security.properties file. Find the following line:

    root=org.jasig.portal.security.provider.SimpleSecurityContextFactory

    Comment this line out and add the following line:

    root=org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory

  2. Configure ldap.properties

    Edit the ldap.properties file. You will need to configure this file to match your LDAP server.

    Change the ldap.host value, for example:

    ldap.host=ldap.cornell.edu

    Change the port number if necessary.

    Change the ldap.baseDN value, for example:

    ldap.baseDN=o=Cornell University,c=US

    Change the uid attribute if necessary.

    ldap.uidAttribute=netid

    You may also need to add values for ldap.managerDN and ldap.managerPW if your server does not allow anonymous binds.

  3. Configure PersonDirs.xml

    Edit the PersonDirs.xml file. You will need to configure this file to match your LDAP server, just as you did for the ldap.properties file. Find the section with the LDAP properties heading. Uncomment the section and modify it as appropriate for your LDAP server. For example:

    <url>ldap://ldap.cornell.edu:389/o=Cornell University,c=US</url>
    <logonid></logonid>
    <logonpassword></logonpassword>
    <uidquery>(cn={0})</uidquery>
    <usercontext></usercontext>

    Find the section for configuring JDBC and comment out that section.

    Change the attribute values as necessary.

  4. Restart the application.

    Type ant deploy from the build directory and then restart your servlet container.
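
A pre-deploy consistency check for the three files edited in steps 1 to 3, as an added example that is not part of the original page or of uPortal itself. The function names are hypothetical; the code assumes the port key is named ldap.port, that PersonDirs.xml needs bind credentials whenever ldap.managerDN is set, and wraps its sample XML in a constructed `<sample>` element.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, unquote
LDAP_FACTORY = "org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory"

def parse_properties(text):
    """Parse key=value lines, skipping blanks and '#'/'!' comment lines."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def check_ldap_config(security_text, ldap_text, persondirs_xml):
    """Return a list of findings; an empty list means the three files agree."""
    sec, ldap = parse_properties(security_text), parse_properties(ldap_text)
    root, findings = ET.fromstring(persondirs_xml), []
    norm = lambda dn: ",".join(p.strip().lower() for p in dn.split(","))  # loose DN form
    def text_of(tag):  # text of the first element with this tag, or ""
        node = next(root.iter(tag), None)
        return (node.text or "").strip() if node is not None else ""
    if sec.get("root") != LDAP_FACTORY:
        findings.append("security.properties: root is not SimpleLdapSecurityContextFactory")
    for key in ("ldap.host", "ldap.baseDN", "ldap.uidAttribute"):
        if not ldap.get(key):
            findings.append(f"ldap.properties: {key} is missing or empty")
    has_manager = bool(ldap.get("ldap.managerDN"))
    if has_manager != bool(ldap.get("ldap.managerPW")):
        findings.append("ldap.properties: set ldap.managerDN and ldap.managerPW together")
    url = urlsplit(text_of("url"))
    if (url.hostname or "") != ldap.get("ldap.host", "").lower():
        findings.append("PersonDirs.xml: <url> host differs from ldap.host")
    # Assumption: the port key is named ldap.port; 389 is the LDAP default.
    if (url.port or 389) != int(ldap.get("ldap.port") or 389):
        findings.append("PersonDirs.xml: <url> port differs from ldap.port")
    if norm(unquote(url.path.lstrip("/"))) != norm(ldap.get("ldap.baseDN", "")):
        findings.append("PersonDirs.xml: <url> base DN differs from ldap.baseDN")
    if "{0}" not in text_of("uidquery"):
        findings.append("PersonDirs.xml: <uidquery> has no {0} placeholder")
    # Assumption: a server that refuses anonymous binds needs credentials in both files.
    if has_manager and not text_of("logonid"):
        findings.append("PersonDirs.xml: <logonid> is empty but ldap.managerDN is set")
    return findings

if __name__ == "__main__":  # constructed sample built from the page's example values
    props = "ldap.host=ldap.cornell.edu\nldap.baseDN=o=Cornell University,c=US\nldap.uidAttribute=netid"
    xml = "<sample><url>ldap://ldap.cornell.edu:389/o=Cornell University,c=US</url><uidquery>(cn={0})</uidquery></sample>"
    print(check_ldap_config("root=" + LDAP_FACTORY, props, xml))
```

Pass the contents of security.properties, ldap.properties and PersonDirs.xml as the three arguments before running ant deploy.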

Authentication from multiple sources

Even if uPortal is configured to use LDAP for primary authentication, it can also be configured so that users authenticate against either the LDAP directory or the uPortal database.

Edit the security.properties file. In this case, you need to use the UnionSecurityContextFactory by setting the properties as follows:

root=org.jasig.portal.security.provider.UnionSecurityContextFactory
root.ldap=org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory
root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory

