GeeCON Prague 2014*
The moose likes JForum and the fly likes LDAP support Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Products » JForum
Bookmark "LDAP support" Watch "LDAP support" New topic
Author

LDAP support

Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi,
Is LDAP supported out of the box with JForum, or do I have to implement my own LDAP class ?

Thanks,

[originally posted on jforum.net by Portal_Dev]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Depends on what you mean by "supported"... If you're looking at using jForum's login screens and having it authenticated against LDAP with a minimum of information copied to the jForum user DB, there is an LDAPAuthenticator class that can be used.

If you're looking for a complete SSO situation, there is a simple way that works with a lot of web app servers. That is to do the following:

Use their LDAP SSO security implimentation (E.g. Tomcat's LDAP realm implimentation).
Secure the jForum web-app using standard web.xml security constriants.
Then configure jForum to use the RemoteUserSSO class.

This has some issues like not allowing anonymous access and not passing detailed LDAP info into jForum.

If you need something more complex, it's not that hard to write your own LDAP SSO implimentation.
[originally posted on jforum.net by monroe]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi,
Thanks for that, what I mean by supported is that does it work straight away against LDAP by just configuring the settings in the properties file without having to write code.

We use Novell eDir and Oracle OID here.

I am assuming JForum works against both by just configuring the settings ?

Thanks,


[originally posted on jforum.net by Portal_Dev]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Probably... I know people have gotten it to work against Active Directory as well as general LDAP services. Novell's always been more LDAP compliant than MS so it should work. See the documentation here for details:

http://www.jforum.net/doc/Authenticators

Not sure, but I seem to remember that one "gotcha" might be that the current code does not search subtrees for users. But I could be wrong.
[originally posted on jforum.net by monroe]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi,
I have configured the GlobalSystems.properties file with the relevant LDAP config information but I am unable to login to jForum using my Novell username and password. Is there anyway of checking to see if this information is correct using jForum or can I turn on max debugging to see what is going on.

All I get is invalid username and password on the login screen.

Does anyone have any ideas ?

Thanks,

[originally posted on jforum.net by Portal_Dev]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi,
Has anyone managed to integrate jForum with LDAP (Novell eDir or Active Directory).

Will you let me know how it was done as I can't get this to work out of the box.

Also, is there sample code available on how to write an LDAP integration class for jForum ?

Thanks,

[originally posted on jforum.net by Portal_Dev]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Have you also created the users in jForum? Integrating with LDAP will not automatically create users and give them permissions in jForum, but will just handle the authentication.

[originally posted on jforum.net by GatorBait3]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
I created one user in JForum manually (myself) which has the same username and password that I have in Novell.

Are there any specific permissions that user needs ?

After changing the settings in the properties file for LDAP authentication I tried to log in as myself but I still got "Invalid username or password"

Are there any specific classes I need to have on the path ?

Is there any way to debug this to see what is occurring ?

Thanks,




[originally posted on jforum.net by Portal_Dev]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
GatorBait3 wrote:Have you also created the users in jForum? Integrating with LDAP will not automatically create users and give them permissions in jForum, but will just handle the authentication.


It's a great pity.
we have up to 10.000 users in our AD.
Has anyone an plugin which create a jforum account, if a user login first time in forum?
is the jforums account for any single user required?
i want to handle permissions only with AD groups.
[originally posted on jforum.net by Bjoern]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
FWIW, I've used Tomcat's LDAP Realm and standard Forms based web security to authenticate against AD. This plus the RemoteUserSSO implementation, may get you close to what you want.
[originally posted on jforum.net by monroe]
 
GeeCON Prague 2014
 
subject: LDAP support