49.102    JSON Web KeySet (JWKS) 49.104    Smile CDR License   

49.103.1LDAP Authentication

 

The LDAP Authentication configuration category includes the following configurable options:

  • Authentication: User Attributes to query

  • Authentication: User Base DN

  • Authentication: User Query

  • Require Group DN

  • Base DN for Groups

  • Search Groups Recursively

  • System User DN

  • System User Password

  • LDAP Server URL

  • Global Permissions

  • Native Permission User Attribute

  • User Attribute: Family Name

  • User Attribute: Given Name

49.103.2Property: Authentication: User Attributes to query

 
Property Name Authentication: User Attributes to query
Property Key
Property Type STRING
Description If set, provides a space-separated list of attributes to query. Default empty which includes all static attributes.
Applies to Modules
  • LDAP Inbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.authenticator.bind.user.attributes = 

49.103.3Property: Authentication: User Base DN

 
Property Name Authentication: User Base DN
Property Key
Property Type STRING
Description When authenticating users, this is the base DN used to attempt to bind the user.
Applies to Modules
  • LDAP Inbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.authenticator.bind.user.base = 

49.103.4Property: Authentication: User Query

 
Property Name Authentication: User Query
Property Key
Property Type STRING
Description This query is used to locate the authenticating user in order to attempt a bind.
Applies to Modules
  • LDAP Inbound Security
Default Value userPrincipalName={0}
Example Property
module.[MODULE_ID].config.authenticator.bind.user.query = userPrincipalName={0}

49.103.5Property: Require Group DN

 
Property Name Require Group DN
Property Key
Property Type STRING
Description If set, specifies the DN for a required group. Any authenticating users will only be permitted to authenticate if they are a member of this group.
Applies to Modules
  • LDAP Inbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.authenticator.require_group_membership.dn = 

49.103.6Property: Base DN for Groups

 
Property Name Base DN for Groups
Property Key
Property Type STRING
Description The DN to use when searching for groups.
Applies to Modules
  • LDAP Inbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.groups.basedn = 

49.103.7Property: Search Groups Recursively

 
Property Name Search Groups Recursively
Property Key
Property Type BOOLEAN
Description If enabled, searching for groups will occur at any level below the value of groups.basedn and not just directly under that level.
Applies to Modules
  • LDAP Inbound Security
Default Value false
Example Property
module.[MODULE_ID].config.groups.search_recursively = false

49.103.8Property: System User DN

 
Property Name System User DN
Property Key
Property Type STRING
Description The identity for the user account that Smile CDR will use for system operations.
Applies to Modules
  • LDAP Inbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.ldap.systemuser.dn = 

49.103.9Property: System User Password

 
Property Name System User Password
Property Key
Property Type PASSWORD
Description The password for the user account that Smile CDR will use for system operations.
Applies to Modules
  • LDAP Inbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.ldap.systemuser.password = 

49.103.10Property: LDAP Server URL

 
Property Name LDAP Server URL
Property Key
Property Type STRING
Description The URL to connect to the LDAP server (e.g. ldap://example.com:389).
Applies to Modules
  • LDAP Inbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.ldap.url = 

49.103.11Property: Global Permissions

 
Property Name Global Permissions
Property Key
Property Type STRING
Description A comma separated list of permissions to grant all users who authenticate using this module (e.g. ROLE_FHIR_CLIENT, FHIR_READ_ALL_IN_COMPARTMENT/Patient/123).
Applies to Modules
  • LDAP Inbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.user.global_permissions = 

49.103.12Property: Native Permission User Attribute

 
Property Name Native Permission User Attribute
Property Key
Property Type STRING
Description If specified, this user attribute will be treated as having native Smile CDR permission strings that will be granted to users.
Applies to Modules
  • LDAP Inbound Security
Default Value smileCdrPermission
Example Property
module.[MODULE_ID].config.user.map.native_permission_attribute_name = smileCdrPermission

49.103.13Property: User Attribute: Family Name

 
Property Name User Attribute: Family Name
Property Key
Property Type STRING
Description The name of the LDAP User Attribute from which to read the user's family (last) name.
Applies to Modules
  • LDAP Inbound Security
Default Value sn
Example Property
module.[MODULE_ID].config.user.map.user_attr.familyname = sn

49.103.14Property: User Attribute: Given Name

 
Property Name User Attribute: Given Name
Property Key
Property Type STRING
Description The name of the LDAP User Attribute from which to read the user's given (first) name.
Applies to Modules
  • LDAP Inbound Security
Default Value givenName
Example Property
module.[MODULE_ID].config.user.map.user_attr.givenname = givenName
   49.102    JSON Web KeySet (JWKS) 49.104    Smile CDR License