• Authentication AD + database

  • He we will discuss about how to make customization and improvement to the OpenKM source code.
He we will discuss about how to make customization and improvement to the OpenKM source code.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 #29407  by vrumanko
 
What's your ideas or suggestions about following scenario, please:

Company has AD with internal users connected to OpenKM 6.2. They want to provide access to external users, but don't want to add to AD repository. Idea is to have internal users in AD and external users in default OpenKM database repository and manage it in OpenKM, which is for external user accounts sufficient.

We are considering:

1. Create customized PrincipalAdapter to handle ldap and database

2. And less preffered CAS with multiple ldaps. Problem is to maintain additional ldap server and ldap management tool.

Thank you for inputs in advance.
 #29423  by jllort
 
- First step is clear, create your own LDAP adapter. Really can be easy because you can merge call from existing LDAP adapter and Database adapter in your own class. Here you got the related classes http://sourceforge.net/p/openkm/code/HE ... principal/
- The second could be configure spring security with multiple managers ( I think should be possible, but we've never have done it, possible starting about it could be http://forum.spring.io/forum/spring-pro ... is-applied ). If yo got it running will apreciate be able to share information that can be useful to other user.

Finally there's some problem in administration ( now when you got openkm with database are allowed to add / edit / etc ... operation, but when are connected with ldap adapter you get only readonly view of ldap users and roles ). I think will be good idea do minimal source code change, extending User.java and Role.java with varible boolean readonly ( to identify records from ldap than records from database ). This is an easy source code modification and we can guide you on how doing it. Also should modifify some jsp files like user_list.jsp and role_list.jsp ( really it's very easy doing it ).
 #53737  by nishant8900
 
hi,
i am currently using openkm 6.3 CE, and i would like to implement kind of a similar functionality that involves authentication using AD and manage users in database.
could you help me out with such a principal adapter code that provides such a functionality.

Thank you

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.