I can understand the concept of primary and secondary provider. I’m not sure what to do with the following properties in terms of which values to set them to. Any examples would be appreciated.
hybridAuthProvider.primaryProvider.className (required) – the class name of the auth provider.
I am wanting to first authenticate against LDAP active directory and then against the internal database. I am able to currently authenticate against LDAP but that’s all at the moment. If the user is not found using LDAP authentication, then I am wanting Openfire to check in the internal database.
I am also needing to find a way of adding users to the internal database as well.
You have to make the following settings:
provider.auth.className = org.jivesoftware.openfire.auth.HybridAuthProvider
provider.user.className = org.jivesoftware.openfire.auth.HybridUserProvider
hybridAuthProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapAuthProvider
hybridAuthProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultAuthProvider
hybridUserProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapUserProvider
hybridUserProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultUserProvider
And of course the settings for ldap, you can find more about this here http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ldap-guide.html
Thank you for replying.
To enable both internal db authentication and LDAP, do I need to install with default options or install specifically with LDAP first? Or would it not make a difference?
It doesn’t make any difference. Install with whatever makes it easier for you and set the settings how you need after.
Thank you for replying again.
For some of the settings to take effect would I have to restart the server?
Some settings do seem to take effect straight away but some do not.
Yes, you have to restart the server for some settings. Auth related things are initialized when the server starts.
The majority of what you suggested does work.
However when it comes to adding people to the internal database I have to change the property for:
When this is changed, the connection with LDAP is lost but when I change it back to:
It then auths against db and ldap.
Is there any way I can do both at the same time without having to keep changing the properties each time I need to add a new user?
I’m wondering, would I need to do the same with the settings for,
I’m not sure but I’m guessing to leave those with internal provider.
I don’t know about creating users, I think you have to have the primary user provider set to default provider, but I’m not sure, I am only using sql provider now because I don’t need internal users.
Did you ever figure this out?
I am running into the same problem.
Hi Andrei / Andrew -
I’ve got similar issues w/ the same exact setup. I have posted over at http://community.igniterealtime.org/thread/42440
Could you take a peek?
Does someone have the exact settings for dual authentication?
I have posted my question on the following thread