LDAPBindValve

Valve for user authentication, performing a bind operation to an LDAP Directory.

This valve requires the Current Item Set to contain one and only one item. This item (the item id) is used for the bind in combination with a supplied password.

This valve supports user lockout. See: PhenixID Authentication Services › Solutions › Misc configuration solutions › User Lockout in PhenixID Server

Properties

| Name | Description | Default value | Mandatory | Supports property expansion |
|---|---|---|---|---|
| connection_ref | Id of LDAP connection to use. Must refer to a connection of type 'LDAP'. | | Yes | No |
| password_param_name | Name of the input parameter containing the password. | password | Yes | Yes |
| userid_param_name | Name of the input parameter containing the username. This parameter is only used for lockouts. | | No | Yes |
| allowed_error_codes | Allowed error codes as comma separated list. Only supported for Microsoft Active Directory. | | No | No |

Example Configuration

{
    "name": "LDAPBindValve",
    "config": { 
        "connection_ref":"b0f2ddff-9585-47c5-9286-2bee2b731197",
        "password_param_name":"User-Password",
        "userid_param_name":"User-Name",
        "allowed_error_codes":"532,701"
    }
}
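
A review check for this configuration, added here as an example and not part of PhenixID's code or documentation: it verifies the mandatory properties from the table and decodes each entry in allowed_error_codes. The function name lint_ldap_bind_valve is hypothetical, the sub-code meanings are the standard Active Directory bind sub-codes rather than values from this page, and the check assumes that "allowed" means the valve tolerates a bind that fails with that sub-code.

```python
import json

# Mandatory properties, per the Properties table on this page.
MANDATORY = ("connection_ref", "password_param_name")

# Active Directory bind sub-codes (hex "data" value in the bind error text).
AD_BIND_CODES = {
    "525": "user not found",
    "52e": "invalid credentials",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}
# Sub-codes that mean the credentials themselves were rejected.
CREDENTIAL_FAILURES = {"525", "52e"}


def lint_ldap_bind_valve(valve_json):
    """Return (level, message) findings for one LDAPBindValve entry."""
    valve = json.loads(valve_json)
    if valve.get("name") != "LDAPBindValve":
        return [("error", "not an LDAPBindValve entry")]
    config = valve.get("config") or {}
    findings = [("error", f"mandatory property {key} is missing")
                for key in MANDATORY if not config.get(key)]
    if not config.get("userid_param_name"):
        findings.append(("warn", "userid_param_name unset (used for lockouts)"))
    raw = config.get("allowed_error_codes", "")
    for code in (c.strip().lower() for c in raw.split(",") if c.strip()):
        meaning = AD_BIND_CODES.get(code)
        if meaning is None:
            findings.append(("warn", f"{code}: not a known AD bind sub-code"))
        elif code in CREDENTIAL_FAILURES:
            # Assumption: "allowed" means the valve tolerates this bind failure.
            findings.append(("error", f"{code}: {meaning}; must not be allowed"))
        else:
            findings.append(("info", f"{code}: {meaning}"))
    return findings


# The page's example configuration, embedded so the check runs offline.
SAMPLE = """{"name": "LDAPBindValve", "config": {
    "connection_ref": "b0f2ddff-9585-47c5-9286-2bee2b731197",
    "password_param_name": "User-Password",
    "userid_param_name": "User-Name",
    "allowed_error_codes": "532,701"}}"""

if __name__ == "__main__":
    for level, message in lint_ldap_bind_valve(SAMPLE):
        print(f"{level:5} {message}")
```

For the example configuration the check reports 532 as password expired and 701 as account expired, so listing them lets accounts in those states through this valve and any expiry handling has to happen elsewhere in the pipe.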

Requirements

Item set must have exactly one entry.