LDAP authenticates against more than one LDAP or Active Directory server


With the introduction of the new security in Magnolia 4.5, we had to change the LDAP/AD authentication process. Our LDAPAuthenticationModule/ADAuthenticationModule is now closer to JCRAuthenticationModule, but as a result of this change we can authenticate against only one LDAP or Active Directory server.


  • Enable authentication against more than one LDAP or Active Directory server
  • Possibility to use LDAPUserAuthentication and ADUserAuthentication at the same time


  • Specify more than one or config file in for each LDAP or Active Directory server which we want to use for authentication

Two possibilities of implementation:

1. Use only one property and separate the config files with a specific delimiter
    example: jndi.ldap.config=WEB-INF/config/ldap/ | WEB-INF/config/ldap/

2. Use multiple UserManagers and specify an LDAP/AD property file for each of them
    example: jndi.ldap.config.server1=WEB-INF/config/ldap/
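
Both property layouts above can be resolved to the same ordered list of per-server config files. The following Java code is an added example, not Magnolia's or the LDAP module's own code; the class `LdapConfigResolver`, the positional `serverN` ids for option 1 and the `example-*.properties` file names are assumptions made for illustration.

```java
import java.util.*;

/** Added illustration (hypothetical class): resolves both proposed property styles. */
public class LdapConfigResolver {
    static final String KEY = "jndi.ldap.config";

    /** Returns server id -> config file, in the order the servers are listed. */
    static Map<String, String> resolve(Properties props) {
        Map<String, String> servers = new LinkedHashMap<>();
        // Option 1: one property, files separated by '|'. Servers only get positional ids.
        String single = props.getProperty(KEY);
        if (single != null) {
            int i = 1;
            // Limit -1 keeps trailing empty entries so "a|" is rejected below.
            for (String path : single.split("\\|", -1)) {
                add(servers, "server" + i++, path);
            }
        }
        // Option 2: one property per server, e.g. jndi.ldap.config.server1.
        // Sorted lexicographically so the order does not depend on hash order.
        for (String name : new TreeSet<>(props.stringPropertyNames())) {
            if (name.startsWith(KEY + ".")) {
                add(servers, name.substring(KEY.length() + 1), props.getProperty(name));
            }
        }
        if (servers.isEmpty()) throw new IllegalStateException("no LDAP/AD config file configured");
        return servers;
    }

    private static void add(Map<String, String> servers, String id, String path) {
        String p = path.trim();
        // A blank entry must fail loudly instead of silently dropping a directory.
        if (p.isEmpty()) throw new IllegalArgumentException("empty config path for " + id);
        if (servers.containsKey(id) || servers.containsValue(p))
            throw new IllegalArgumentException("duplicate server or config file: " + id + " -> " + p);
        servers.put(id, p);
    }

    public static void main(String[] args) {
        // Constructed sample values; the file names are placeholders.
        Properties opt1 = new Properties();
        opt1.setProperty(KEY, "WEB-INF/config/ldap/example-ldap.properties | WEB-INF/config/ldap/example-ad.properties");
        Properties opt2 = new Properties();
        opt2.setProperty(KEY + ".server1", "WEB-INF/config/ldap/example-ldap.properties");
        opt2.setProperty(KEY + ".server2", "WEB-INF/config/ldap/example-ad.properties");
        System.out.println(resolve(opt1));
        System.out.println(resolve(opt2));
    }
}
```

With option 2 the server id comes from the property name, so log messages and per-server settings can refer to a stable name; with option 1 the id changes whenever the list is reordered.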


  1. Have a look at MGNLLDAP-9@jira, MGNLLDAP-18@jira and MGNLLDAP-20@jira. I would recommend that if we do any work in the areas mentioned above, we also do it "the Magnolia way". There is no reason why all of this could not be configured in the repository like everything else in Magnolia. (either at module-level or at UserManager-level)

  2. If we're moving towards using UserManagers, it makes no sense to keep those property files. Configure several UMs, and configure the ldap properties there.