Login to ldap using email

cancel
Showing results for 
Search instead for 
Did you mean: 
hernanisaurelio
Active Member

Login to ldap using email

I am customizing Alfresco 5.2 and I would like you to help or guide me how I can implement the subsystem for logging in via email in LDAP.

4 Replies
EddieMay
Community Manager
Community Manager

Re: Login to ldap using email

Hi @hernanisaurelio 

For the general approach to LDAP you can consult the relevant documentation on authentication subsystems. For a visual guide to LDAP integration, see Angel Borroy's video for 5.2 LDAP configuration

For logging in via email, I presume you mean using an email address as the username? 

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!
hernanisaurelio
Active Member

Re: Login to ldap using email

Thank you so much for your time EddieMay

I can already integrate my application with LDAP, I am using OpenLDAP.
At the moment I can only login with the username.
And I really really need to login with the LDAP email id. How could I do that

Thank you very much in advance.

sufo
Established Member II

Re: Login to ldap using email

I found this old post https://hub.alfresco.com/t5/ecm-archive/ldap-authentication-ad-by-email/m-p/270967/highlight/true#M1..., but don't know if you are willing to modify DNs of users. Personally I wouldn't do it.

Here is something for Alfresco 5.1, 5.2 which involves coding and deeper knowledge of Alfresco: https://www.enprowess.com/blogs/alfresco-ldap-using-email/

You could use external authentication and setup Apache HTTPD proxy and authenticate users there. Check this attribute: https://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html#authldapremoteuserattribute

In Apache, set this header:

RequestHeader set X-Alfresco-Remote-User %{RU}e

 

In alfresco-global.properties:

authentication.chain=external1:external,alfrescoNtlm1:alfrescoNtlm
external.authentication.enabled=true
external.authentication.proxyUserName=
external.authentication.proxyHeader=X-Alfresco-Remote-User
external.authentication.defaultAdministratorUserNames=admin

You have to modify also share-config-custom.xml https://docs.alfresco.com/content-services/6.1/admin/auth-sync/ (search for <userHeader>X-Alfresco-Remote-User</userHeader>).

 

hernanisaurelio
Active Member

Re: Login to ldap using email

Sorry for the delay

I've been studying tutorial

https://www.enprowess.com/blogs/alfresco-ldap-using-email/

I had to have the LDAPAuthenticationComponentImpl.class file

And I managed to manipulate the java code of this compiled file.

For me to be able to log in with the email I had to use "userName.substring (0, userName.indexOf ("@"))"
This allows me to enter the email I type, eg "john.smith@info.com".
However, the validation happens only with everything before the at sign, which means that I can type anything after the at sign eg: "info01.com" and the login is done.

Inside the tutorial I found this code 

 

            Attributes matchAttrs = new BasicAttributes(true);
            matchAttrs.put(new BasicAttribute(userEmailAttributeName, userName));

            NamingEnumeration<SearchResultanswer;
            String finalUser = null;

            try{
                answer = ctx.search(userSearchBase, matchAttrs);
                while (answer.hasMore()){
                    SearchResult result = answer.next();
                    finalUser = result.getName();
                }
                userName = finalUser != null ? finalUser.substring(finalUser.indexOf("@") + 1): "";
                return userName;
            }catch(NamingException e){
                e.getMessage();
            }
 
 

And I would like to know how I can capture the ldap email from the username "john.smith"
And then make a comparison with the email captured from the Ldap email and the email typed in the login screen.

I hope I have explained it in the best way

Thank you very much in advance.