mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-06-16 17:55:15 +00:00
bcfd0ae519
6466: Xml metadata. Support for pulling collections of values from XML
6470: Fix for AWC-1321 - Using zero as items per page gives error for Alfresco repos in OpenSearch
6471: Fix for AWC-1496 - OpenSearch dashlet can get in a state where search queries are not executed
6472: Fix for AWC-1495. Searching additional attributes now working correctly for folders.
6473: Fix for AR-1251 (Version error when saving new content via CIFS)
6474: Updated bundles and installers - added missing files back into Linux bundle
6475: LDAP and chainging authentication
Resolved conflicted state of 'root\projects\repository\source\java\org\alfresco\repo\security\authentication\AuthenticationUtil.java'
6477: XForms WCM-696.
6478: Fix for WCM-567 (IndexOutOfBoundsException when stepping through wizard rapidly)
6480: Fix to issue when removing locks on directories.
6481: Updated installer and config wizard to fix download option and config behaviour when called from installer.
6482: Fix for WCM-1229 (properties sheet does not refresh)
6483: Fix for AR-1511
6484: Fix for AR-1351
6485: Missed a unit test update
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@6737 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
100 lines
4.7 KiB
XML
100 lines
4.7 KiB
XML
<?xml version='1.0' encoding='UTF-8'?>
|
|
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
|
|
|
|
<beans>
|
|
|
|
<!-- The main configuration has moved into a properties file -->
|
|
|
|
<bean name="ldapAuthenticationPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
|
|
<property name="ignoreUnresolvablePlaceholders">
|
|
<value>true</value>
|
|
</property>
|
|
<property name="locations">
|
|
<value>classpath:alfresco/extension/ldap-authentication.properties</value>
|
|
</property>
|
|
</bean>
|
|
|
|
<!-- DAO that rejects changes - LDAP is read only at the moment. It does allow users to be deleted with out warnings from the UI. -->
|
|
|
|
<bean name="authenticationDao" class="org.alfresco.repo.security.authentication.DefaultMutableAuthenticationDao" >
|
|
<property name="allowDeleteUser">
|
|
<value>true</value>
|
|
</property>
|
|
</bean>
|
|
|
|
|
|
<!-- LDAP authentication configuration -->
|
|
|
|
<!--
|
|
|
|
You can also use JAAS authentication for Kerberos against Active Directory or NTLM if you also require single sign on from the
|
|
web browser. You do not have to use LDAP authentication to synchronise groups and users from an LDAP store if it supports other
|
|
authentication routes, like Active Directory.
|
|
|
|
-->
|
|
|
|
<bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl">
|
|
<property name="LDAPInitialDirContextFactory">
|
|
<ref bean="ldapInitialDirContextFactory"/>
|
|
</property>
|
|
<property name="userNameFormat">
|
|
<!--
|
|
|
|
This maps between what the user types in and what is passed through to the underlying LDAP authentication.
|
|
|
|
"%s" - the user id is passed through without modification.
|
|
Used for LDAP authentication such as DIGEST-MD5, anything that is not "simple".
|
|
|
|
"cn=%s,ou=London,dc=company,dc=com" - If the user types in "Joe Bloggs" the authenticate as "cn=Joe Bloggs,ou=London,dc=company,dc=com"
|
|
Usually for simple authentication. Simple authentication always uses the DN for the user.
|
|
|
|
-->
|
|
<value>${ldap.authentication.userNameFormat}</value>
|
|
</property>
|
|
</bean>
|
|
|
|
<!--
|
|
|
|
This bean is used to support general LDAP authentication. It is also used to provide read only access to users and groups
|
|
to pull them out of the LDAP reopsitory
|
|
|
|
-->
|
|
|
|
<bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
|
|
<property name="initialDirContextEnvironment">
|
|
<map>
|
|
<!-- The LDAP provider -->
|
|
<entry key="java.naming.factory.initial">
|
|
<value>${ldap.authentication.java.naming.factory.initial}</value>
|
|
</entry>
|
|
|
|
<!-- The url to the LDAP server -->
|
|
<!-- Note you can use space separated urls - they will be tried in turn until one works -->
|
|
<!-- This could be used to authenticate against one or more ldap servers (you will not know which one ....) -->
|
|
<entry key="java.naming.provider.url">
|
|
<value>${ldap.authentication.java.naming.provider.url}</value>
|
|
</entry>
|
|
|
|
<!-- The authentication mechanism to use -->
|
|
<!-- Some sasl authentication mechanisms may require a realm to be set -->
|
|
<!-- java.naming.security.sasl.realm -->
|
|
<!-- The available options will depend on your LDAP provider -->
|
|
<entry key="java.naming.security.authentication">
|
|
<value>${ldap.authentication.java.naming.security.authentication}</value>
|
|
</entry>
|
|
|
|
<!-- The id of a user who can read group and user information -->
|
|
<!-- This does not go through the pattern substitution defined above and is used "as is" -->
|
|
<entry key="java.naming.security.principal">
|
|
<value>${ldap.authentication.java.naming.security.principal}</value>
|
|
</entry>
|
|
|
|
<!-- The password for the user defined above -->
|
|
<entry key="java.naming.security.credentials">
|
|
<value>${ldap.authentication.java.naming.security.credentials}</value>
|
|
</entry>
|
|
</map>
|
|
</property>
|
|
</bean>
|
|
|
|
</beans> |