From a33d5ddb992b89d4da8c5b68100c8a980770d7b7 Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Mon, 25 Mar 2013 13:37:53 +0000
Subject: [PATCH] Additional fix for OPENDJ-694: Implement HTTP BASIC authentication
---
opendj3/opendj-rest2ldap-servlet/src/main/webapp/opendj-rest2ldap-servlet.json | 10 +++++++---
1 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/opendj3/opendj-rest2ldap-servlet/src/main/webapp/opendj-rest2ldap-servlet.json b/opendj3/opendj-rest2ldap-servlet/src/main/webapp/opendj-rest2ldap-servlet.json
index cef1345..e3f3547 100644
--- a/opendj3/opendj-rest2ldap-servlet/src/main/webapp/opendj-rest2ldap-servlet.json
+++ b/opendj3/opendj-rest2ldap-servlet/src/main/webapp/opendj-rest2ldap-servlet.json
@@ -73,14 +73,16 @@
// LDAP search using a filter constructed by
// substituting the username into the
// "searchFilterTemplate" using %s substitution.
- "method" : "simple",
+ "method" : "search-simple",
// The connection factory which will be exclusively used for
// authenticating users using LDAP bind operations.
"bindLDAPConnectionFactory" : "default",
// The SASL AuthzID template which will be used for "sasl-plain"
- // authentication.
+ // authentication. The %s format parameters will be substituted with
+ // the client-provided username, using DN character escaping for DN
+ // AuthzIDs.
"saslAuthzIdTemplate" : "dn:uid=%s,ou=people,dc=example,dc=com",
// The connection factory which will be used for performing LDAP
@@ -88,7 +90,9 @@
// enabled.
"searchLDAPConnectionFactory" : "root",
- // The search parameters to use for "search-simple" authentication.
+ // The search parameters to use for "search-simple" authentication. The
+ // %s filter format parameters will be substituted with the
+ // client-provided username, using LDAP filter string character escaping.
"searchBaseDN" : "ou=people,dc=example,dc=com",
"searchScope" : "sub", // Or "one".
"searchFilterTemplate" : "(&(objectClass=inetOrgPerson)(uid=%s))"
--
Gitblit v1.10.0