Continuum supports LDAP for authentication. To configure it, you should follow these steps:
<!-- Ldap Authentication can be enabled by setting enabling these components and setting the following configuration options in your security.properties file ============================================================ user.manager.impl=ldap ldap.bind.authenticator.enabled=true redback.default.admin=admin security.policy.password.expiration.enabled=false ldap.config.hostname=ldap.hostname ldap.config.port=389 ldap.config.base.dn=o=com ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory ldap.config.bind.dn=uid=myusername,o=com ldap.config.password=s3cr3t #ldap.config.authentication.method= ============================================================ * ldap.config.hostname - The hostname of the ldap server * ldap.config.port - The port of the ldap server * ldap.config.base.dn - The baseDn of the ldap system * ldap.config.context.factory - context factory for ldap connections * ldap.config.bind.dn - the core user used for authentication the ldap server, must be able to perform the necessary searches, etc. * ldap.config.password - password for the bindDn for the root ldap connection until this process is better documented, the following is the document for configuration ldap with redback http://redback.codehaus.org/integration/ldap.html --> <!-- this component manages the connection to the ldap server --> <!-- component> <role>org.codehaus.plexus.redback.common.ldap.connection.LdapConnectionFactory</role> <role-hint>configurable</role-hint> <implementation>org.codehaus.plexus.redback.common.ldap.connection.ConfigurableLdapConnectionFactory</implementation> <requirements> <requirement> <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role> </requirement> </requirements> </component--> <!-- this component manages the mapping of attributes in ldap to user information in redback. To configure the mapping, you can add the following properties in your security.properties ============================================================ ldap.config.mapper.attribute.email=mail ldap.config.mapper.attribute.fullname=givenName ldap.config.mapper.attribute.password=userPassword ldap.config.mapper.attribute.user.id=cn ldap.config.mapper.attribute.user.base.dn= ldap.config.mapper.attribute.user.object.class=inetOrgPerson ldap.config.mapper.attribute.user.filter=(attributeName=value) ============================================================ * email-attribute - The name of the attribute on a user that contains the email address * full-name-attribute - The name of the attribute on a user that contains the users fullName * password-attribute - The name of the attribute containing the users password, used for the authentiction using the user manager and not the ldap bind authenticator * user-id-attribute - The name of the attribute containing the users userId, most commonly cn or sn. * user-base-dn - The base dn that will be subtree searched for users. * user-object-class - the objectClass used in the ldap server for indentifying users, most commonly inetOrgPerson. --> <!-- component> <role>org.codehaus.plexus.redback.common.ldap.UserMapper</role> <role-hint>ldap</role-hint> <implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation> <configuration> <email-attribute>email</email-attribute> <full-name-attribute>givenName</full-name-attribute> <password-attribute>userPassword</password-attribute> <user-id-attribute>cn</user-id-attribute> <user-base-dn>o=com</user-base-dn> <user-object-class>inetOrgPerson</user-object-class> </configuration> <requirements> <requirement> <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role> </requirement> </requirements> </component--> <!-- If caching is desired to improve performance then make uncomment this and make sure the following configuration parameter is in the security.properties user.manager.impl=cached --> <!-- component> <role>org.codehaus.plexus.redback.users.UserManager</role> <role-hint>cached</role-hint> <implementation>org.codehaus.plexus.redback.users.cached.CachedUserManager</implementation> <description>CachedUserManager</description> <requirements> <requirement> <role>org.codehaus.plexus.redback.users.UserManager</role> <role-hint>ldap</role-hint> <field-name>userImpl</field-name> </requirement> <requirement> <role>org.codehaus.plexus.cache.Cache</role> <role-hint>users</role-hint> <field-name>usersCache</field-name> </requirement> </requirements> </component--> <!-- if using the user manager authenticator to authenticate the user and not the ldap bind authenticator make sure this definition has the correct password encoder Note: you should probably just use the ldap bind authenticator which is enabled by putting ldap.bind.authenticator.enabled=true in the security.properties --> <!-- component> <role>org.codehaus.plexus.redback.policy.UserSecurityPolicy</role> <role-hint>default</role-hint> <implementation>org.codehaus.plexus.redback.policy.DefaultUserSecurityPolicy</implementation> <description>User Security Policy.</description> <requirements> <requirement> <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role> <field-name>config</field-name> </requirement> <requirement> <role>org.codehaus.plexus.redback.policy.PasswordEncoder</role> <role-hint>sha1</role-hint> <field-name>passwordEncoder</field-name> </requirement> <requirement> <role>org.codehaus.plexus.redback.policy.UserValidationSettings</role> <field-name>userValidationSettings</field-name> </requirement> <requirement> <role>org.codehaus.plexus.redback.policy.CookieSettings</role> <role-hint>rememberMe</role-hint> <field-name>rememberMeCookieSettings</field-name> </requirement> <requirement> <role>org.codehaus.plexus.redback.policy.CookieSettings</role> <role-hint>signon</role-hint> <field-name>signonCookieSettings</field-name> </requirement> <requirement> <role>org.codehaus.plexus.redback.policy.PasswordRule</role> <field-name>rules</field-name> </requirement> </requirements> </component-->
All you need to configure is the ConfigurableLdapConnectionFactory and LdapUserMapper components
user.manager.impl=ldap ldap.bind.authenticator.enabled=true redback.default.admin=adminuser security.policy.password.expiration.enabled=false user.manager.impl=cached ldap.bind.authenticator.enabled=true
adminuser is a LDAP user and will be the default Continuum admin. guestuser is a LDAP user and will be used for the guest role, generally, it is an utility LDAP account.