Edit online

How to Set up LDAP Authentication

To configure LDAP authentication for Oxygen Feedback Enterprise:
  1. Enable LDAP authentication support by editing the $OXYGEN_FEEDBACK_HOME_DIR/config/feedback-ldap.properties file and set the feedback.ldap.enabled property to true.
  2. Configure the URL for your LDAP server by setting the feedback.ldap.serverUrl property. For example:
    feedback.ldap.serverUrl=ldap://ldap.example.com:33389/dc=myco,dc=org
  3. Specify the pattern for the search filter used to identify a user entity on the LDAP server by setting the feedback.ldap.userSearchFilter property. For example:
    (|(mail={0})(uid={0}))

    The substituted parameter is the user's login name. This example pattern enables user authentication with both the username and email address.

  4. Specify the name of the email attribute for the LDAP user entity by setting the feedback.ldap.emailAttribute property.
    Important: For the authentication to work, it is mandatory that your LDAP users entities have an associated email address.
  5. Specify whether or not new account registration is allowed by setting the feedback.ldap.userRegistrationEnabled property. For example, to disable new account registration (hides the Sign Up form in the login page):
    feedback.ldap.userRegistrationEnabled=false
    Note: The feedback.ldap.userRegistrationEnabled property does not disable the possibility of authenticating using a local (DB) account. It only hides the Sign Up form, thus inhibiting the possibility of creating new local user accounts.
Example of the Configuration Properties File
###########################################################################
# Stores the configuration properties for the LDAP authentication support #
###########################################################################

# Flag used to enable the LDAP authentication support.
feedback.ldap.enabled=true# Specifies the LDAP server URL.

# For example: "ldap://ldap.example.com:33389/dc=myco,dc=org".
feedback.ldap.serverUrl=ldap://ldap.example.com:33389/dc=myco,dc=org

# The LDAP filter used to search for users. 
# For example "(uid={0})". The substituted parameter is the user's login name.
feedback.ldap.userSearchFilter=(|(mail={0})(uid={0}))

# The name of the email attribute of the user entity.
feedback.ldap.emailAttribute=mail

# Property for choosing whether or not to enable new account registration
feedback.ldap.userRegistrationEnabled=true