
25.58 LDAP Authentication

 

The LDAP Authentication configuration category includes the following configurable options:

  • LDAP Server URL

  • System User DN

  • System User Password

  • Native Permission User Attribute

  • User Attribute: Given Name

  • User Attribute: Family Name

  • Global Permissions

  • Base DN for Groups

  • Search Groups Recursively

  • Authentication: User Base DN

  • Authentication: User Query

  • Require Group DN

25.58.1 Property: LDAP Server URL

 
Property Name LDAP Server URL
Property Key
Property Type STRING
Description The URL to connect to the LDAP server (e.g. ldap://example.com:389).
Default Value (no default)
Example Property
module.[MODULE_ID].config.ldap.url = 

25.58.2 Property: System User DN

 
Property Name System User DN
Property Key
Property Type STRING
Description The identity for the user account that Smile CDR will use for system operations.
Default Value (no default)
Example Property
module.[MODULE_ID].config.ldap.systemuser.dn = 

25.58.3 Property: System User Password

 
Property Name System User Password
Property Key
Property Type PASSWORD
Description The password for the user account that Smile CDR will use for system operations.
Default Value (no default)
Example Property
module.[MODULE_ID].config.ldap.systemuser.password = 

25.58.4 Property: Native Permission User Attribute

 
Property Name Native Permission User Attribute
Property Key
Property Type STRING
Description If specified, the values of this user attribute are treated as native Smile CDR permission strings and are granted to the user.
Default Value smileCdrPermission
Example Property
module.[MODULE_ID].config.user.map.native_permission_attribute_name = smileCdrPermission

25.58.5 Property: User Attribute: Given Name

 
Property Name User Attribute: Given Name
Property Key
Property Type STRING
Description The name of the LDAP User Attribute from which to read the user's given (first) name.
Default Value givenName
Example Property
module.[MODULE_ID].config.user.map.user_attr.givenname = givenName

25.58.6 Property: User Attribute: Family Name

 
Property Name User Attribute: Family Name
Property Key
Property Type STRING
Description The name of the LDAP User Attribute from which to read the user's family (last) name.
Default Value sn
Example Property
module.[MODULE_ID].config.user.map.user_attr.familyname = sn

25.58.7 Property: Global Permissions

 
Property Name Global Permissions
Property Key
Property Type STRING
Description A comma-separated list of permissions to grant to all users who authenticate using this module (e.g. ROLE_FHIR_CLIENT, FHIR_READ_ALL_IN_COMPARTMENT/Patient/123).
Default Value (no default)
Example Property
module.[MODULE_ID].config.user.global_permissions = 

25.58.8 Property: Base DN for Groups

 
Property Name Base DN for Groups
Property Key
Property Type STRING
Description The DN to use when searching for groups.
Default Value (no default)
Example Property
module.[MODULE_ID].config.groups.basedn = 

25.58.9 Property: Search Groups Recursively

 
Property Name Search Groups Recursively
Property Key
Property Type BOOLEAN
Description If enabled, groups are searched at any level below the value of groups.basedn, not only directly under that level.
Default Value false
Example Property
module.[MODULE_ID].config.groups.search_recursively = false

25.58.10 Property: Authentication: User Base DN

 
Property Name Authentication: User Base DN
Property Key
Property Type STRING
Description When authenticating users, this is the base DN used to attempt to bind the user.
Default Value (no default)
Example Property
module.[MODULE_ID].config.authenticator.bind.user.base = 

25.58.11 Property: Authentication: User Query

 
Property Name Authentication: User Query
Property Key
Property Type STRING
Description This query is used to locate the authenticating user in order to attempt a bind.
Default Value userPrincipalName={0}
Example Property
module.[MODULE_ID].config.authenticator.bind.user.query = userPrincipalName={0}

25.58.12 Property: Require Group DN

 
Property Name Require Group DN
Property Key
Property Type STRING
Description If set, specifies the DN for a required group. Users are permitted to authenticate only if they are a member of this group.
Default Value (no default)
Example Property
module.[MODULE_ID].config.authenticator.require_group_membership.dn = 
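
A pre-deployment review of these settings, as an added example (not Smile CDR code): it parses the module.[MODULE_ID].config.* keys listed above and reports values that weaken the login path. The module id "ldap_auth", all sample values, and the reading of {0} as the username placeholder are assumptions. The ldap.url check also assumes no TLS upgrade happens on an ldap:// connection, which this page does not state either way.

```python
import re

# Constructed sample; the module id "ldap_auth" and all values are hypothetical.
SAMPLE = """\
module.ldap_auth.config.ldap.url = ldap://ldap.example.com:389
module.ldap_auth.config.ldap.systemuser.dn = cn=svc-cdr,ou=service,dc=example,dc=com
module.ldap_auth.config.ldap.systemuser.password =
module.ldap_auth.config.user.global_permissions = ROLE_FHIR_CLIENT
module.ldap_auth.config.authenticator.bind.user.base = ou=people,dc=example,dc=com
module.ldap_auth.config.authenticator.bind.user.query = userPrincipalName={0}
module.ldap_auth.config.authenticator.require_group_membership.dn =
"""

LINE = re.compile(r"^module\.([^.\s]+)\.config\.([^=\s]+)\s*=\s*(.*)$")

def parse(text):
    """Return {module_id: {key: value}} from module.[MODULE_ID].config.* lines."""
    modules = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:  # comments and unrelated lines simply do not match
            modules.setdefault(m.group(1), {})[m.group(2)] = m.group(3).strip()
    return modules

def audit(cfg):
    """Return a list of (key, finding) pairs for one module's settings."""
    out = []
    # Assumption: no StartTLS upgrade, so only ldaps:// protects the bind password.
    if not cfg.get("ldap.url", "").lower().startswith("ldaps://"):
        out.append(("ldap.url", "not ldaps://; a simple bind sends the password unencrypted"))
    if cfg.get("ldap.systemuser.dn") and not cfg.get("ldap.systemuser.password"):
        out.append(("ldap.systemuser.password", "DN with empty password is an RFC 4513 unauthenticated bind"))
    group = cfg.get("authenticator.require_group_membership.dn")
    if not group:
        out.append(("authenticator.require_group_membership.dn", "unset; login is not restricted to a group"))
    perms = [p.strip() for p in cfg.get("user.global_permissions", "").split(",") if p.strip()]
    if perms and not group:
        out.append(("user.global_permissions", f"{perms} granted to every user who authenticates, no group gate"))
    # Assumption: {0} in the user query stands for the supplied username.
    if "{0}" not in cfg.get("authenticator.bind.user.query", "userPrincipalName={0}"):
        out.append(("authenticator.bind.user.query", "no {0} placeholder; query does not select the caller"))
    return out

if __name__ == "__main__":
    for module_id, cfg in parse(SAMPLE).items():
        for key, finding in audit(cfg):
            print(f"[{module_id}] {key}: {finding}")
```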