Table 47-1 LDAPRealmMBean Element Attributes
|
Attribute
|
Description
|
Range of Values and Default
|
Console Label
|
|
Auth-Protocol
|
Defines the type of authentication used to authenticate the LDAP server. Set the attribute to one of the following:
Netscape Directory Server supports CRAM-MD5. Microsoft Site Server and Novell NDS support simple.
|
Default: "none"
Valid values:
|
Auth Protocol
|
|
Credential
|
The password that authenticates the LDAP user defined in the Principal attribute. This password is automatically encrypted.
|
Default: null
|
Credential
|
|
Group-DN
|
The list of attributes that, when combined with the attribute named in the groupNameAttributeattribute, uniquely identifies a group in the LDAP directory.
|
Default:
|
Group DN
|
|
Group-Is-Context
|
Specifies how group membership is recorded in the LDAP directory.
Set to true if each group entry contains one user.
Set to false if there is one group entry containing an attribute for each group member.
|
Default: true
|
Group Is Context
|
|
Group-Name-Attribute
|
The name of a group in the LDAP directory. It is usually the common name.
|
Default: "cn"
|
Group Name Attribute
|
|
Group-Username-Attribute
|
The name of the attribute that contains a group member in a group entry.
|
Default: "member"
|
Group Username Attribute
|
|
LDAPURL
|
The location of the LDAP server. Change the URL to the name of the computer on which the LDAP server is running and the number of the port at which the LDAP server is listening.
If you want WebLogic Server to connect to the LDAP server using the SSL protocol, use the SSL port of the LDAP server in the server URL.
|
Default: "ldap://ldapserver:389"
|
LDAPURL
|
|
Ldap-Provider
|
The name of the class that implements an LDAP directory server. This attribute allows you to use an LDAP directory server other than the one supplied by Sun Microsystems. WebLogic Server supports the following LDAP directory servers: Open LDAP, Netscape iPlanet, Microsoft Site Server, and Novell NDs.
|
Default: "com.sun.jndi.ldap.LdapCtxFactory"
|
Ldap Provider
|
|
Name
|
The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration.
|
|
Name
|
|
Notes
|
Optional information that you can include to describe this configuration.
|
|
Notes
|
|
Principal
|
The distinguished name of the LDAP user that WebLogic Server uses to connect to the LDAP server. This user must be able to list LDAP users and groups.
|
Default: null
|
Principal
|
|
Realm-Class-Name
|
|
|
Realm Class Name
|
|
SSLEnable
|
Enables the use of the SSL protocol to protect communications between the LDAP server and WebLogic Server. Keep in mind the following:
|
Default: false
|
Enable SSL
|
|
User-Authentication
|
Determines the method for allowing or denying a user the right to communicate with WebLogic Server. Set this attribute to one of the following values:
|
Default: "bind"
Valid values:
|
User Authentication
|
|
User-DN
|
A list of attributes that, when combined with the attribute named in the userNameAttribute attribute, uniquely identifies a user in the LDAP directory.
When specifying this attribute, use the following format:
ou=Barb.Klock, u=acme.com
|
Default:
|
User DN
|
|
User-Name-Attribute
|
The login name of a user for the LDAP directory. The value of this attribute can be the common name of a user in the LDAP directory. However, it is generally an abbreviated string, such as a User ID.
|
|
User Name Attribute
|
|
User-Password-Attribute
|
If the userAuthentication attribute is set to local, this attribute finds the attribute in the LDAP user objects that contains the passwords of the LDAP users.
|
Default: "userpassword"
|
User Password Attribute
|
