Release Up To:</strong> caArray 2.x
<strong>Date entered:</strong> 03/27/2009
</span>
caArray /UPT Integration
questionDiv
question
Question: Login caArray with LDAP Authentication questionEnd
I wanted to integrate caArray and LDAP authentication with my university's login account. In the same way, my colleagues should also be able to log into caArray using their accounts. What do I need to do to achieve this?
Topic:
Release:
Date entered:
Question
Answer
Have a comment?
Please leave your comment in the caArray End User Forum.
answer}}Answer:{{answerEnd
To use LDAP authentication, you need to configure the installation property, and make sure all the users being created in UPT.
h5}}Step 1. Configure Installation Property{{h5End
You can use either GUI installer or Commend Line installation to modify the configuration file. Following information in necessary:
h6}}GUI Installer Text : Property Name{{h6End
"LDAP Host Name" : ldap.host (E.g., ldap_host.mydomain.com)
"LDAP Search Base" : ldap.searchbase (The subdirectory in LDAP where users/roles should be searched for. E.g., ou=users, o=mydomain.com)
"LDAP Search Prefix" : ldap.searchprefix (The user ID prefix which is used by your LDAP server. uid=)
h6}}Commend Line installation (install.properties){{h6End
ldap.host= ldap.host (E.g., ldap_host.mydomain.com)
ldap.searchbase= ldap.searchbase
ldap.searchprefix=: ldap.searchprefix (The user ID prefix which is used by your LDAP server. uid=)
h5}}Step 2. Create User in UPT{{h5End
In order for someone with an LDAP account to log in to caArray; they need to be added to the UPT. (For details, see How to create caArray user with UPT?)
Log into the UPT for the caarray application
Click on the User Tab
Click on "Create a New User"
Enter the user's LDAP account into the "User Login Name" Field
Enter user's first name
Enter user's last name
Enter user's email address
(You can add other information you would like about the user, but DO NOT enter a password)
Click on the "Add" button
On the next screen, click on the "Associated Groups" button
Add the proper group (i.e. Principal Investigator, Lab Scientist, etc.)
Click on the "Update Associations" button
The user should now be able to login using their LDAP account credentials.
The UPT is designed to first check for a password provided in the UPT, if the password field is blank, it will then try to look for an LDAP connection and authentication.
h5}}Step 3: LDAP configuration in caArray 2.2.1 & under {{h5End
Several bugs were identified in the caArray installer (release 2.2.1 & under) with regards to the proper LDAP configuration. The bugs have been fixed in the upcoming caArray 2.3.0 release. In order to make LDAP working properly with any caArray instance prior to caArray version 2.3.0, however, user needs to manually configure the web.xml inside the caarray.war file, which is inside the caarray.ear file, following the steps below:
1. Back up your <caArray installation home>/jboss-4.0.5.GA/server/default/deploy/caarray.ear file
2. Extract the caarray.war file from the caarray.ear file using a zip utility
3. Extract the web.xml file from the caarray.war file using zip utility
4. Manually configure these two context-param elements with param-values set for your unique environment:
<context-param>
<param-name>ldapHost</param-name>
<param-value>ldaps://nci6116-ds2.nci.nih.gov:636</param-value>
</context-param>
<context-param>
<param-name>ldapSearchableBase</param-name>
<param-value>ou=nci,o=nih</param-value>
</context-param>
5. Save the modified web.xml and reinsert it into the proper location inside the caarray.war file using a zip utility (goes to <war root>/WEB-INF/web.xml)
6. Reinsert the caarray.war file back into the root of the caarray.ear file using a zip utility (goes to <ear root>/caarray.war)
7. Restart JBoss
h5}}Trouble Shooting:{{h5End
- Application name is case sensitive.
Have a comment? Please leave your comment in caArray End User Forum
</html>
