Properties

jmix.ldap.enabled

Defines if the LDAP authentication is enabled.

Default value: true

jmix.ldap.defaultRoles

Defines a list of roles that will be assigned to every user after successful authentication.

jmix.ldap.userDetailsSource

Defines a source of the UserDetails objects returned after successful authentication.

Possible values:

app - UserDetails obtained from the primary UserDetailsService of the application, typically from DB.
ldap - standard LdapUserDetails objects created by Spring Security are used.

Default value: app

jmix.ldap.urls

An LDAP server URL. LDAP URLs (SSL-secured) may be used as well, considering that Spring Security can connect to the server. Note that these URLs must not include the base DN. Multiple URLs can be specified in the comma-separated list. In this case, a connection will be established to any of the provided LDAP server URLs.

Example: ldap://ldap.company.com:389

jmix.ldap.baseDn

Defines a base DN. If configured, all LDAP operations on contexts retrieved from this ContextSource relate to this DN. The default value is an empty distinguished name, that is, all operations relate to the directory root.

jmix.ldap.managerDn

Indicates a DN used for authentication. This is normally the distinguished name of the "manager" user.

jmix.ldap.managerPassword

Defines a password for the "manager" user.

jmix.ldap.userSearchBase

Defines search base for user searches. Used with jmix.ldap.userSearchFilter.

jmix.ldap.userSearchFilter

An LDAP filter used to search for users. The substituted parameter is the user’s login name.

Example: (uid={0})

jmix.ldap.usernameAttribute

An LDAP attribute corresponding to the username. It is used during user synchronization to assign the correct username for the user.

Default value: uid

jmix.ldap.groupRoleAttribute

An attribute of the LDAP group corresponding to the authority name.

Default value: cn

jmix.ldap.groupSearchBase

Defines a search base for group searches.

The default value is an empty string.

jmix.ldap.groupSearchSubtree

If set to true, a subtree scope search will be performed. If false, a single-level search is used.

Default value: false

jmix.ldap.groupSearchFilter

An LDAP filter used to search for user’s groups (optional). The substituted parameter is the user’s login name.

Default value: (uniqueMember={0})

jmix.ldap.useActiveDirectoryConfiguration

Defines if Active Directory specific security configuration should be used instead of the default one.

Default value: false

jmix.ldap.activeDirectoryDomain

Used only with the ActiveDirectory configuration. Specifies the Active Directory domain name.

Example: mydomain.com

jmix.ldap.groupForSynchronization

A DN of the group containing users to be synchronized in the application.

jmix.ldap.synchronizeRoleAssignments

Defines whether to save role assignments during user synchronization or not.

Default value: true

jmix.ldap.standardAuthenticationUsers

Defines a list of users that should always be authenticated with the standard authentication.

jmix.ldap.synchronizeUserOnLogin

Defines whether users synchronized on every login. For example, if you want to load users from LDAP beforehand and synchronize them once a day on a schedule task, set the property to false.

Default value: true

Was this page helpful?

Thank you for your feedback

Something went wrong