LDAP Connection

An LDAP Connection resource template represents a connection to an LDAP server. It is used by component implementations to look up names in an LDAP directory server.

General

Property Required? Editable? Accepts SVars? Description
Connection Factory Y Y Y The factory object that provides the starting point for resolution of names within the LDAP server.

Default: com.sun.jndi.ldap.LdapCtxFactory.

Provider URL Y Y Y The URL that provides the host and port number on which the LDAP server is listening for connections. It can also include a Base DN, the DN of an entry in the directory.

The Base DN:

  • Identifies the LDAP entry that is the starting point of all searches
  • Limits the searches to a subtree of the LDAP Server's directory

If the Base DN is not specified, all searches begin at the root DN.

Any unsafe characters in the URL must be escaped, that is, represented by a special sequence of characters. For example, a space must be represented as %20. Thus, the DN ou=Product Development must be encoded as ou=Product%20Development.

Default: ldap://localhost:389.

Connection Timeout (ms) N Y Y The time to wait for a response from the LDAP directory server.

Default: 0.

Login Credentials

Property Required? Editable? Accepts SVars? Description
Login Credentials Y Y N Indicate how the credentials required to authenticate to a server are provided:
  • Identity Provider - Provide username and password credentials encapsulated in an identity provider resource. When selected, the Identity Provider field is activated.
  • Username + Password - Provide inline username and password credentials. When selected, the Username and Password fields are activated.

Default: Identity Provider

Identity Provider N Y N Name of the Identity Provider resource used to authenticate the user.
Username N Y N Username used to authenticate connections to the server.
Password N Y N User's password used to authenticate connections to the server.

(Administrator only) For superusers, passwords are displayed encrypted. For non-superusers, the password is not displayed even if it was set when it was created. If you have permission to edit the password, you can specify a new value and save. If you edit other fields, the old value of the password field is retained. To set an empty value as the password, click the Set Blank Password link.

Advanced

Property Required? Editable? Accepts SVars? Description
Pool Size N Y Y The preferred number of connections per connection identity that should be maintained concurrently.

Default: 10.

Pool Maximum N Y Y The maximum number of connections per connection identity that can be maintained concurrently.

Default: 15.

Pool Initial N Y Y The number of connections per connection identity to create when initially creating a connection for the identity.

Default: 5.

Pool Timeout (ms) N Y Y The length of time that an idle connection may remain in the pool without being closed and removed from the pool.

Default: 300000.

Follow Referrals N N Y Indicate whether an LDAP server should return a reference (a referral) to another LDAP server, which may contain further information, instead of returning a result.

Default: Unchecked.

SSL

Property Required? Editable? Accepts SVars? Description
Enable SSL N N N Enable SSL connections. When checked, the SSL properties display.

Default: Unchecked.

SSL Client Provider N Y N The name of an SSL Client Provider resource.
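
The properties above, expressed as a plain JNDI environment for the JDK LDAP provider. This is an added example, not code from the product; the mapping of each field to a JNDI key is an assumption, and the host, DNs, timeout value and the LDAP_BIND_PASSWORD variable are constructed for illustration.

```java
import java.net.URI;
import java.util.Hashtable;
import javax.naming.Context;

public class LdapConnectionEnv {
    // Provider URL: the multi-argument URI constructor percent-encodes characters
    // that are illegal in a URL path, so the space in the Base DN becomes %20.
    static String providerUrl(boolean ssl, String host, int port, String baseDn) throws Exception {
        return new URI(ssl ? "ldaps" : "ldap", null, host, port, "/" + baseDn, null, null)
                .toASCIIString();
    }

    static Hashtable<String, String> environment(String url, String user, String password) {
        // A simple bind with an empty password is an unauthenticated bind; reject it here.
        if (password.isEmpty()) throw new IllegalArgumentException("empty bind password");
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); // Connection Factory
        env.put(Context.PROVIDER_URL, url);                    // Provider URL
        env.put(Context.SECURITY_AUTHENTICATION, "simple");    // Username + Password
        env.put(Context.SECURITY_PRINCIPAL, user);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put(Context.REFERRAL, "ignore");                   // Follow Referrals unchecked
        env.put("com.sun.jndi.ldap.connect.timeout", "5000");  // ms, constructed value
        env.put("com.sun.jndi.ldap.connect.pool", "true");     // use the JDK connection pool
        return env;
    }

    public static void main(String[] args) throws Exception {
        // Pool settings are JVM-wide system properties in the JDK LDAP provider;
        // the values are the defaults listed under Advanced.
        System.setProperty("com.sun.jndi.ldap.connect.pool.initsize", "5");
        System.setProperty("com.sun.jndi.ldap.connect.pool.prefsize", "10");
        System.setProperty("com.sun.jndi.ldap.connect.pool.maxsize", "15");
        System.setProperty("com.sun.jndi.ldap.connect.pool.timeout", "300000");
        // By default only plain connections are pooled; include ssl for ldaps URLs.
        System.setProperty("com.sun.jndi.ldap.connect.pool.protocol", "plain ssl");

        // Constructed host, DN and account; the password is read from a hypothetical
        // environment variable (with a placeholder fallback) instead of being inline.
        String url = providerUrl(true, "ldap.example.com", 636,
                "ou=Product Development,dc=example,dc=com");
        String password = System.getenv().getOrDefault("LDAP_BIND_PASSWORD", "constructed-placeholder");
        Hashtable<String, String> env = environment(url,
                "cn=svc-lookup,ou=Product Development,dc=example,dc=com", password);
        System.out.println(url);
        System.out.println("referral=" + env.get(Context.REFERRAL));
        // new javax.naming.directory.InitialDirContext(env) would open the connection.
    }
}
```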