Jump to content

Configure OpenId Connect with LDAP user directory


Mallikarjun H

Recommended Posts

We are currently trying to configure Open Id Connect and use the LDAP user directory instead of the Database.

We wanted to know if this is a workable option to configure.

We also do not have username claim coming from the Open Id , so we wanted to use the email as the user name claim. We modified the username attribute in the Ldap user directory configuration to use "userPrincipalName" as the attribute.

We updated the domain configuration to Collapse Domains as true, and Parse user and domain name option to false.

However we were not able to get the user login working.

As per the documentation it is preferred to use database as the user directory and select the auto-create option on the post authentication filter. Any specific reason on why it should be Database and not LDAP user directory

Wanted to know if we missing something or trying the wron way. Also, if we want to configureOpen Id Connect and use the LDAP user directory instead of the Database what all configuration changes have to be done

Link to comment
Share on other sites

It is possible to configure OpenId Authentication with LDAP. The LDAP configuration part seems to be okay. Can you enable debug logging on Spotfire and check the server.log this might provide us some information on why the user cannot login.

Here is an article on how to enable both Forms Authentication along with OpenId, this might be helpful while testing.

https://support.tibco.com/s/article/How-to-enable-forms-authentication-in-addition-to-Web-authentication-OpenID-Connect-in-TIBCO-Spotfire-Server

Also check if you are able to login to spotfire using the Forms authenticaiton with email id as the username

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...