Multiple Authentication with DB and LDAP in Wildfire 2.5.1 or later

Is it possible to have dual authentication using the user ID and password stored in the DB if the user can’t be found in LDAP? The reason for this is that part of the company is using Novell with NDS and other part is using NT Domains (no mechanism in client to authenticate against DC).

I’m currently using Wildfire 2.5.1 but also looking to upgrade to 3.1 when it’s released.

Martyn

Hi Martyn,

Yes, you can. Please take a look at this post from a couple of weeks ago.

Hope that helps,

Ryan

Hi Ryan

Thanks for the quick reply, this looks like it would work.

Can you give me some idea of the specific config required to do authentication in the following order:

Primary authentication - use the default (or defaults) that Wildfire currently uses.

Secondary authentication - query LDAP

The reason for this order is that the user base is primarily set up using the default authentication (stored in MySQL DB) and we want to allow LDAP for the comparatively few users that will now be using the system. I’m just not sure what the config should actually look like with providers etc.

I’m assuming that everything else other than their ID and password (JiveUser table) would still be stored in the DB?

Martyn

Hi Martyn,

I don’'t have an example of what it would look like with MySQL but below is what it looks like using the embedded database which should provide a good starting point:

<?xml version="1.0" encoding="UTF-8"?>
<jive>
  <adminConsole>
    <port>9090</port>
    <securePort>9091</securePort>
  </adminConsole>
  <locale>en</locale>
  <ldap>
    <host></host>
    <port></port>
    <usernameField></usernameField>
    <nameField></nameField>
    <emailField></emailField>
    <baseDN></baseDN>
    <adminDN></adminDN>
    <adminPassword></adminPassword>
    <debugEnabled></debugEnabled>
  </ldap>
  <provider>
    <auth>
      <className>org.jivesoftware.wildfire.auth.HybridAuthProvider</className>
    </auth>
    <user>
      <className>org.jivesoftware.wildfire.user.DefaultUserProvider</className>
    </user>
  </provider>
  <hybridAuthProvider>
    <primaryProvider>
      <className>org.jivesoftware.wildfire.auth.DefaultAuthProvider</className>
    </primaryProvider>
    <secondaryProvider>
      <className>org.jivesoftware.wildfire.ldap.LdapAuthProvider</className>
    </secondaryProvider>
  </hybridAuthProvider>
  <connectionProvider>
    <className>org.jivesoftware.database.EmbeddedConnectionProvider</className>
  </connectionProvider>
  <setup>true</setup>
  <log>
    <debug>
      <enabled>false</enabled>
    </debug>
  </log>
</jive>

I’m assuming that everything else other than their ID and password (JiveUser table) would still be stored in the DB?

Correct, except for the non-LDAP users, their ID and password would also be stored in the DB.

Hope that helps,

Ryan
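
An added example, not part of the posts in this thread and not Wildfire's own code: a small Python check that reads a configuration like the one above, reports the order in which the hybrid provider lists its providers, and flags LDAP settings left empty while LdapAuthProvider is listed. The function names and the choice of host and baseDN as the fields to check are assumptions; the sample document is constructed from the posted configuration.

```python
import xml.etree.ElementTree as ET

HYBRID = "org.jivesoftware.wildfire.auth.HybridAuthProvider"
LDAP_AUTH = "org.jivesoftware.wildfire.ldap.LdapAuthProvider"
# Assumption: an LDAP lookup needs at least a host and a base DN.
REQUIRED_LDAP = ("host", "baseDN")

# Constructed sample, cut down from the configuration posted above.
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<jive>
  <ldap><host></host><port></port><baseDN></baseDN></ldap>
  <provider><auth>
    <className>org.jivesoftware.wildfire.auth.HybridAuthProvider</className>
  </auth></provider>
  <hybridAuthProvider>
    <primaryProvider>
      <className>org.jivesoftware.wildfire.auth.DefaultAuthProvider</className>
    </primaryProvider>
    <secondaryProvider>
      <className>org.jivesoftware.wildfire.ldap.LdapAuthProvider</className>
    </secondaryProvider>
  </hybridAuthProvider>
</jive>"""


def text_of(root, path):
    """Stripped text of the element at path, or '' if absent or empty."""
    node = root.find(path)
    return (node.text or "").strip() if node is not None else ""


def check_hybrid_config(xml_text):
    """Return (provider order, findings) for a jive configuration document."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    findings = []
    if text_of(root, "provider/auth/className") != HYBRID:
        findings.append("provider/auth/className is not HybridAuthProvider")
    order = []
    for slot in ("primaryProvider", "secondaryProvider"):
        name = text_of(root, f"hybridAuthProvider/{slot}/className")
        if name:
            order.append(name)
    if not order:
        findings.append("hybridAuthProvider lists no providers")
    if LDAP_AUTH in order:
        for field in REQUIRED_LDAP:
            if not text_of(root, f"ldap/{field}"):
                findings.append(f"ldap/{field} is empty")
    return order, findings
```

Calling `check_hybrid_config` on the text of the real configuration file returns the provider order and any findings; with the sample it reports the two empty LDAP fields.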

Hi Ryan

This is exactly what I wanted - thanks again, I’m going to have a play with it and will feed back to this thread.

Martyn