Jun 16, 2010 12:25 AM
Hybrid Auth Provider Properties
Hi
I can understand the concept of primary and secondary provider. I'm not sure what to do with the following properties in terms of which values to set them to. Any examples would be appreciated.
I am wanting to first authenticate against LDAP Active Directory and then against the internal database. I am able to currently authenticate against LDAP but that's all at the moment. If the user is not found using LDAP authentication, then I am wanting Openfire to check in the internal database.
I am also needing to find a way of adding users to the internal database as well.
Andrew
Hi,
You have to make the following settings
provider.auth.className = org.jivesoftware.openfire.auth.HybridAuthProvider
provider.user.className = org.jivesoftware.openfire.auth.HybridUserProvider
hybridAuthProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapAuthProvider
hybridAuthProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultAuthProvider
hybridUserProvider.primaryProvider.className = org.jivesoftware.openfire.ldap.LdapUserProvider
hybridUserProvider.secondaryProvider.className = org.jivesoftware.openfire.auth.DefaultUserProvider
And of course the settings for LDAP; you can find more about this here: http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ldap-guide.html
Best regards,
Andrei
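Added example, not part of the thread and not Openfire's code: a small Python model of the primary-then-secondary lookup order these settings ask for, assuming the secondary provider is consulted whenever the primary rejects the login. The class names, user names and passwords are constructed for illustration.

```python
import hashlib
import hmac
import os


class StoreProvider:
    """Stand-in for one auth back end (LDAP or the internal database)."""

    def __init__(self, name):
        self.name = name
        self._users = {}  # username -> (salt, PBKDF2 digest)

    def add_user(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self._digest(password, salt))

    @staticmethod
    def _digest(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

    def authenticate(self, username, password):
        record = self._users.get(username)
        if record is None:
            return False
        salt, expected = record
        return hmac.compare_digest(expected, self._digest(password, salt))


class HybridModel:
    """Tries providers in order; returns the name of the first that accepts."""

    def __init__(self, primary, secondary):
        self.chain = [primary, secondary]

    def authenticate(self, username, password):
        for provider in self.chain:
            if provider.authenticate(username, password):
                return provider.name
        return None

    def shadowed_users(self):
        """Names present in both stores: the secondary password also works."""
        primary, secondary = self.chain
        return sorted(set(primary._users) & set(secondary._users))


def build_demo():
    ldap = StoreProvider("ldap")          # constructed sample accounts
    internal = StoreProvider("internal")
    ldap.add_user("andrew", "ldap-pass")
    internal.add_user("andrew", "old-local-pass")
    internal.add_user("svc-bot", "bot-pass")
    return HybridModel(ldap, internal)
```

In this model any name returned by `shadowed_users()` has two valid passwords, so a review of a hybrid setup would compare the two user lists for overlap.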
Hi
Thank you for replying.
To enable both internal db authentication and LDAP, do I need to install with default options or install specifically with LDAP first? Or would it not make a difference?
Regards,
Andrew
Hi,
It doesn't make any difference. Install with whatever makes it easier for you and set the settings how you need after.
Best regards,
Andrei
Hi
Thank you for replying again.
For some of the settings to take effect would I have to restart the server?
Some settings do seem to take effect straight away but some do not.
Regards,
Andrew
Hi,
Yes, you have to restart the server for some settings. Auth related things are initialized when the server starts.
Regards,
Andrei
Hi
The majority of what you suggested does work.
However when it comes to adding people to the internal database I have to change the property for:
provider.user.className
to
org.jivesoftware.openfire.auth.HybridUserProvider
When this is changed, the connection with LDAP is lost but when I change it back to:
org.jivesoftware.openfire.ldap.LdapUserProvider
It then auths against db and ldap.
Is there any way I can do both at the same time without having to keep changing the properties each time I need to add a new user?
Regards,
Andrew
Did you ever figure this out?
I am running into the same problem.
Hi
I'm wondering, would I need to do the same with the settings for,
provider.group.className
provider.vcard.className
Regards,
Andrew
Hi,
I'm not sure but I'm guessing to leave those with internal provider.
Regards,
Andrei
I don't know about creating users, I think you have to have the primary user provider set to default provider, but I'm not sure, I am only using sql provider now because I don't need internal users.
Does someone have the exact settings for dual authentication?
I have posted my question on the following thread:
http://community.igniterealtime.org/message/208427#208427
Mudasar
o2sp.com
Hi Andrei / Andrew -
I've got similar issues w/ the same exact setup. I have posted over at http://community.igniterealtime.org/thread/42440
Could you take a peek?
Thanks,
John