Administration Console Online Help
 |  |  |  |
Administration Console Online Help
| | | |
Configuration Options Related Tasks Related Topics
Use this page to define the provider specific configuration for this Open LDAP Authentication provider.
| Name | Description |
|---|---|
| Group Base DN |
The base distinguished name (DN) of the tree in the LDAP directory that contains groups. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Group Search Scope |
Specifies how deep in the LDAP directory tree to search for groups. Valid values are subtree and onelevel. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Group From Name Filter |
An LDAP search filter for finding a group given the name of the group. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the group schema. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| All Groups Filter |
An LDAP search filter for finding all groups beneath the base group distinguished name (DN). If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the Group schema. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Static Group Object Class |
The name of the LDAP object class that stores static groups. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Static Group Name Attribute |
The attribute of a static LDAP group object that specifies the name of the group. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| User Object Class |
The LDAP object class that stores users. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| User Name Attribute |
The attribute of an LDAP user object that specifies the name of the user. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| User Dynamic Group DN Attribute |
If such an attribute does not exist, WebLogic Server determines if a user is a member of a group by evaluating the URLs on the dynamic group. If a group contains other groups, WebLogic Server evaluates the URLs on any of the descendents (indicates parent relationship) of the group. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| User Base DN |
The base distinguished name (DN) of the tree in the LDAP directory that contains users. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| User Search Scope |
Specifies how deep in the LDAP directory tree the Open LDAP Authentication provider should search for users. Valid values are MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| User From Name Filter |
If the attribute (user name attribute and user object class) is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| All Users Filter |
If the attribute (user object class) is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Use Retrieved User Name as Principal |
Specifies whether or not the user name retrieved from LDAP should be used as the Principal in the Subject. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Ignore Duplicate Membership |
Determines whether duplicate members are ignored when adding groups. The attribute cycles in the Group membership. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Static Member DN Attribute |
The attribute of an LDAP static group object that specifies the distinguished names (DNs) of the members of the group. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Static Group DNs from Member DN Filter |
An LDAP search filter that, given the distinguished name (DN) of a member of a group, returns the DNs of the static LDAP broups that contain that member. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Dynamic Group Object Class |
The LDAP object class that stores dynamic groups. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Dynamic Group Name Attribute |
The attribute of a dynamic LDAP group object that specifies the name of the group. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Dynamic Member URL Attribute |
The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Host |
The host name or IP address of the Open LDAP server. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Port |
The port number on which the Open LDAP server is listening. MBean Attribute: Minimum value: Maximum value: Changes take effect after you redeploy the module or restart the server. |
| SSLEnabled |
Specifies whether the SSL protocol should be used when connecting to the Open LDAP server. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Connection Retry Limit |
Specifies the number of times to attempt to connect to the LDAP server if the initial connection failed. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Principal |
The Distinguished Name (DN) of the Open LDAP user that WebLogic Server should use to connect to the Open LDAP server. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Credential |
The credential (usually a password) used to connect to the Open LDAP server. If this password has not been set, WebLogic Server generates a password at startup, initializes the attribute, and saves the configuration to the config.xml file. If you want to connect to the embedded LDAP server using an external LDAP browser and the embedded LDAP administrator account (cn=Admin), change this attribute from the generated value. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Cache Enabled |
Specifies whether a cache is used with the Open LDAP server This is a cache of the LDAP requests. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Cache Size |
The size of the cache (in kilobytes) that is used with the Open LDAP server MBean Attribute: Minimum value: Changes take effect after you redeploy the module or restart the server. |
| Cache TTL |
The time-to-live of the cache (in seconds) that is used with the Open LDAP server MBean Attribute: Minimum value: Changes take effect after you redeploy the module or restart the server. |
| Follow Referrals |
Specifes that a search for a user or group within the Open LDAP Authentication provider will follow referrals to other LDAP servers or branches within the LDAP directory. By default, this attribute is enabled. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Bind Anonymously On Referrals |
By default, the Open LDAP Authentication provider uses the same DN and password used to connect to the LDAP server when following referrals during a search. If you want to connect as an anonymous user, enable this attribute. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Results Time Limit |
The maximum number of milliseconds for the LDAP server to wait for results before timing out. If this attribute is set to 0, there is not maximum time limit.. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Connect Timeout |
The maximum time in seconds to wait for the connection to the LDAP server to be established. If this attribute is set to 0, there is not a maximum time limit. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Parallel Connect Delay |
The delay in seconds when making concurrent attempts to attempt to multiple LDAP servers. If this attribute is set to 0, connection attempts are serialized. An attempt is made to connect to the first server in the list. The next entry in the list is tried only if the attempt to connect to the current host fails. If this attribute is not set and an LDAP server is unavailable, an application may be blocked for a long time. If this attribute is greater than 0, another connection is started after the specified time. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Group Membership Searching |
Specifies whether recursive group membership searching is unlimited or limited. Valid values are unlimited and limited. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
| Max Group Membership Search Level |
Specifies how many levels of group membership can be searched. This setting is valid only if GroupMemberShipSearching is set to limited. Valid values are 0 and positive integers. For example, 0 indicates only direct group memberships will be found, aa positive number indicates the number of levels to search. MBean Attribute: Changes take effect after you redeploy the module or restart the server. |
 |