Provider - LDAP

Description - Lightweight directory access protocol or LDAP a software protocol that enables standard program accessibility to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet. Enabling LDAP for use with iWay Service Manager allows the value of configuration parameters to be retrieved directly from an LDAP-enabled directory. iWay Service Manager's use of LDAP follows all security rules for LDAP use and does not permit any changes to be made to the LDAP directory.

Runtime Class - com.iwaysoftware.eclipse.template.LdapProviderType

Parameter Groups

LDAP Server Definition

	Parameter	Type	Description
	LDAP Initial Context Factory	string	Fully qualified class name of the LDAP Initial Context Factory, default is com.sun.jndi.ldap.LdapCtxFactory
*	URL	string	URL to reach LDAP directory. LDAP URL's are in the form ldap://host[:port] or ldaps://host[:port]. When used as a CertStore, consider adding the base DN to the URL, for example ldap://host[:port]/o=Company,c=US
	Pool Size	string	A pool of connections to the LDAP server reduces contention but increases memory use. iWay suggests a range of 2-10 for a normally loaded system.
	Authentication Mechanism	string	Specifies the authentication mechanism to use. Choose Not Specified to use JNDI's default. If the User ID and Password are absent, the default is none, otherwise the default is simple. When using an LDAPS URL, the default is always simple. You can also type a space separated list of mechanisms to try in order of preference. Select from one of the following options: Not Specified {Not Specified} none {none} simple {simple} DIGEST-MD5 {DIGEST-MD5}
	Authentication Realm	string	For some SASL authentication mechanisms, this is the domain from which the user ID should be chosen. If you do not specify a realm, then any one of the realms offered by the server will be used.
	User ID	string	User ID registered for appropriate access to this LDAP directory.
	Password	password	Password for access to the LDAP directory.
	SSL Context Provider	string	iWay Security Provider for SSL Context. This parameter is required when using an ldaps: URL. When an SSL Context is given with an ldap: URL, this will upgrade the normal LDAP connection to one protected by TLS/SSL using the LDAP StartTLS extension. Click below for a definition: TLS/SSL Configuration
	Quality of Protection	string	Some SASL mechanisms support integrity and privacy protection of the communication channel after successful authentication. Choose Not Specified to rely on JNDI's default. Select from one of the following options: Not Specified Authentication only {auth} Authentication with integrity protection {auth-int} Authentication with integrity and privacy protection {auth-conf}
	Encryption Strength	string	Some SASL mechanisms support different ciphers and key lengths used for encryption. Select from one of the following options: high,medium,low {high,medium,low} high,medium {high,medium} high {high}
	Referrals	string	Specifies how JNDI referrals are handled. Select from one of the following options: Follow referrals automatically {follow} Ignore referrals {ignore} Throw ReferralException when a referral is encountered {throw}
	Dereferencing Aliases	string	Specifies how aliases are handled. Select from one of the following options: Always dereference aliases {always} Never dereference aliases {never} Dereference aliases only during name resolution {finding} Dereference aliases only after name resolution {searching}
	JCE Provider for CertStore	string	JCE Provider used to create the CertStore when the LDAP provider is used as a CertStore provider Select from one of the following options: NOT_SPECIFIED {NOT_SPECIFIED} SUN {SUN} BC {BC}

* - denotes required