Older version

PhenixID web apps authentication – Username and password

This authenticator is used for username-password authentication. User stores can be LDAP or SQL.

Modules required

auth-http
pipes

Configuration Properties

Name	Description	Default value	Mandatory
successURL	The URL to redirect the browser to after successful authentication.		Yes
loginTemplate	Template to use for user interface.	login.template	No
userNameParamName	Name of the username request parameter	username	No
passworParamterName	Name of the password request parameter.	password	No
allowLanguageChange	Enable / disable language change. Set ??? to allow language change.		No
translationKey	Set key to use for fetching login page body text.	login.messages.information.body	No
headingtranslationKey	Set key to use for fetching login page header text.	login.messages.information.header	No
pipeID	Id of pipe used to validate username and password.		Yes
errorURL	The URL to redirect the browser to after unsuccessful authentication.		No

Example configuration

LDAP user store is used in this example.

HTTP Authenticators

{
  "name" : "PostUidAndPassword",
  "id" : "unpw",
  "alias" : "unpw",
  "displayName" : "Username Password",
  "configuration" : {
    "errorURL" : "/error/myerrorpage.html",
      "loginTemplate" : "login.template",
      "successURL" : "/otpadmin/",
      "pipeID" : "UserLookupAndAuthWithLDAP"
      }
}

Pipes

{
  "id" : "UserLookupAndAuthWithLDAP",
  "valves" : [ {
    "name" : "LDAPSearchValve",
      "config" : {
      "connection_ref" : "local_ldap",
      "base_dn" : "ou=users,dc=demo,dc=phenixid,dc=se",
      "scope" : "SUB",
      "size_limit" : "0",
      "filter_template" : "(&(objectclass=*)(uid={{request.username}}))",
      "attributes" : "commonName,uid,mail,mobile"
      }
  }, {
    "name" : "LDAPBindValve",
    "config" : {
      "connection_ref" : "local_ldap",
      "password_param_name" : "password"
      }
    },
{
		"name": "PropertyAddValve",
		"config": {
			"name": "roles",
			"value": "auth:7313aa29-f399-4a5b-afd3-fb1d7a88ae93",
			"enable_multi_value": "true"
		}
	}
	 ]
}

Read this article to get the correct value for the roles property.

Database Connection

{
  "id" : "local_ldap",
  "type" : "ldap",
  "description" : "Connection to local OpenDJ",
  "config" : {
    "host" : "localhost",
    "port" : "389",
    "bind_dn" : "cn=Directory Manager",
    "password" : "{enc}D5rVvfE+HpfoHagoMv1r1oy91oDYX44eObCS6qCLh9I=",
    "use_ssl" : "false",
    "ssl_trust_all" : "false",
    "follow_referrals" : "false",
    "auto_reconnect" : "true",
    "use_keep_alive" : "true",
    "response_timeout_ms" : "30000",
    "pool_initial_size" : "1",
    "pool_max_size" : "2"
  }
}