Authentication Process

This implementation queries LDAP, and optionally a user cache, to authenticate a user. A context with LDAP manager credentials is first used to look up a user and retrieve the complete distinguished name of the user's entry. If the user exists, a separate LDAP context is then created to authenticate the user. For performance reasons, the manager context, once created, exists for the lifetime of the module.

If connectivity with the LDAP server breaks, multiple reconnection attempts may be made, depending on the configured parameters.

To increase performance, you can enable user caching. When enabled, a user is added to the user cache after being authenticated through LDAP. This allows for faster authentication on subsequent logins. If the user cache entry is found to be expired, the user is authenticated with LDAP again and the cache is updated.
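
The lookup-then-bind flow and the expiring user cache described above, as an added Python sketch that is not this implementation's own code. `FakeDirectory` is a constructed in-memory stand-in for the LDAP server, and `CachingAuthenticator` is a hypothetical name. The PBKDF2 verifier, the empty-password check, and the fall-through to LDAP on a cache mismatch are assumptions rather than documented behaviour.

```python
import hashlib, hmac, os, time

class FakeDirectory:
    """Constructed in-memory stand-in for the LDAP server (sample data only)."""
    def __init__(self, entries):
        self.entries = entries                      # uid -> (dn, password)
        self.binds = 0                              # number of per-user binds made
    def search_dn(self, uid):
        """Lookup done with the long-lived manager context; returns the full DN."""
        entry = self.entries.get(uid)
        return entry[0] if entry else None
    def bind(self, dn, password):
        """Separate context that binds as the user's DN to check the password."""
        self.binds += 1
        for entry_dn, entry_pw in self.entries.values():
            if entry_dn == dn:
                return hmac.compare_digest(entry_pw.encode(), password.encode())
        return False

class CachingAuthenticator:
    def __init__(self, directory, ttl_seconds, clock=time.monotonic):
        self.directory, self.ttl, self.clock = directory, ttl_seconds, clock
        self.cache = {}                             # uid -> (salt, digest, expires_at)

    @staticmethod
    def _digest(salt, password):
        # Assumption: cache a salted, stretched verifier, never the plaintext.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def authenticate(self, uid, password):
        if not password:
            return False    # some servers report success for an empty-password simple bind
        hit = self.cache.get(uid)
        if hit and self.clock() < hit[2]:           # entry present and not expired
            if hmac.compare_digest(hit[1], self._digest(hit[0], password)):
                return True                         # served from cache, no LDAP traffic
        # Cache miss, expired entry, or mismatch (assumption): go back to LDAP.
        dn = self.directory.search_dn(uid)          # step 1: manager lookup
        if dn is None or not self.directory.bind(dn, password):  # step 2: user bind
            return False
        salt = os.urandom(16)
        self.cache[uid] = (salt, self._digest(salt, password), self.clock() + self.ttl)
        return True
```

Until a cache entry expires, the previous password is still accepted without contacting LDAP, so the expiry interval bounds how long a changed or disabled credential remains usable.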