Hybrid Auth Provider Properties

Hi

I can understand the concept of primary and secondary provider. I’m not sure what to do with the following properties in terms of which values to set them to. Any examples would be appreciated.

  • hybridAuthProvider.primaryProvider.className (required) – the class name of the auth provider.

I am wanting to first authenticate against LDAP Active Directory and then against the internal database. I am able to currently authenticate against LDAP but that's all at the moment. If the user is not found using LDAP authentication, then I am wanting Openfire to check in the internal database.

I am also needing to find a way of adding users to the internal database as well.

Andrew

Hi,

You have to make the following settings:

provider.auth.className = org.jivesoftware.openfire.auth.HybridAuthProvider

provider.user.className = org.jivesoftware.openfire.auth.HybridUserProvider

hybridAuthProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapAuthProvider

hybridAuthProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultAuthProvider

hybridUserProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapUserProvider

hybridUserProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultUserProvider

And of course the settings for LDAP; you can find more about this here: http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ldap-guide.html

Best regards,

Andrei
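
A small check for the provider settings in the reply above, as an added example that is not part of the original thread and not Openfire's own code. The class list reflects the package layout of the Openfire source as known to this example (user providers under org.jivesoftware.openfire.user), so verify it against your Openfire version; `parse_properties`, `lint`, `KNOWN`, `PREFIX` and `POSTED` are names made up here.

```python
# Added example, not Openfire code. KNOWN reflects where these classes live
# in the Openfire source tree (assumption: verify against your version's jars).
KNOWN = {
    "auth": {"org.jivesoftware.openfire.auth.HybridAuthProvider",
             "org.jivesoftware.openfire.auth.DefaultAuthProvider",
             "org.jivesoftware.openfire.ldap.LdapAuthProvider"},
    "user": {"org.jivesoftware.openfire.user.HybridUserProvider",
             "org.jivesoftware.openfire.user.DefaultUserProvider",
             "org.jivesoftware.openfire.ldap.LdapUserProvider"},
}
PREFIX = {"auth": "hybridAuthProvider", "user": "hybridUserProvider"}

def parse_properties(text):
    """Parse 'key = value' lines, skipping blanks and '#' comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def lint(props):
    """Return findings for unknown provider classes and missing primaries."""
    findings = []
    for kind, prefix in PREFIX.items():
        top = f"provider.{kind}.className"
        keys = [top, f"{prefix}.primaryProvider.className",
                f"{prefix}.secondaryProvider.className"]
        for key in keys:
            value = props.get(key)
            if value is not None and value not in KNOWN[kind]:
                findings.append(f"{key}: unknown {kind} provider class {value}")
        # The primary provider is required once the hybrid provider is selected.
        selected = props.get(top, "").rsplit(".", 1)[-1]
        if selected.lower() == f"hybrid{kind}provider" and keys[1] not in props:
            findings.append(f"{keys[1]}: required but not set")
    return findings

# Constructed input: the six values exactly as posted in the reply above.
POSTED = """
provider.auth.className = org.jivesoftware.openfire.auth.HybridAuthProvider
provider.user.className = org.jivesoftware.openfire.auth.HybridUserProvider
hybridAuthProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapAuthProvider
hybridAuthProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultAuthProvider
hybridUserProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapUserProvider
hybridUserProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultUserProvider
"""
print("\n".join(lint(parse_properties(POSTED))))
```

Run against the values as posted, the check reports the two user-provider class names that sit under the auth package; a class name that cannot be loaded is worth ruling out before debugging LDAP itself.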

Hi

Thank you for replying.

To enable both internal db authentication and LDAP, do I need to install with default options or install specifically with LDAP first? Or would it not make a difference?

Regards,

Andrew

Hi,

It doesn’t make any difference. Install with whatever makes it easier for you and set the settings how you need after.

Best regards,

Andrei

Hi

Thank you for replying again.

For some of the settings to take effect would I have to restart the server?

Some settings do seem to take effect straight away but some do not.

Regards,

Andrew

Hi,

Yes, you have to restart the server for some settings. Auth-related things are initialized when the server starts.

Regards,

Andrei

Hi

The majority of what you suggested does work.

However when it comes to adding people to the internal database I have to change the property for:

provider.user.className

to

org.jivesoftware.openfire.auth.HybridUserProvider

When this is changed, the connection with LDAP is lost but when I change it back to:

org.jivesoftware.openfire.ldap.LdapUserProvider

It then auths against db and ldap.

Is there any way I can do both at the same time without having to keep changing the properties each time I need to add a new user?

Regards,

Andrew

Hi

I’m wondering, would I need to do the same with the settings for:

provider.group.className

provider.vcard.className

Regards,

Andrew

Hi,

I’m not sure but I’m guessing to leave those with internal provider.

Regards,

Andrei

I don’t know about creating users. I think you have to have the primary user provider set to the default provider, but I’m not sure; I am only using the SQL provider now because I don’t need internal users.

Did you ever figure this out?

I am running into the same problem.

Hi Andrei / Andrew -

I’ve got similar issues w/ the same exact setup. I have posted over at http://community.igniterealtime.org/thread/42440

Could you take a peek?

Thanks,
John

Does someone have the exact settings for dual authentication?

I have posted my question on the following thread:

http://community.igniterealtime.org/message/208427#208427

Mudasar

o2sp.com