Page 1 of 1

Authentication AD + database

PostPosted:Fri Jul 25, 2014 9:59 am
by vrumanko
What's your ideas or suggestions about following scenario, please:

Company has AD with internal users connected to OpenKM 6.2. They want to provide access to external users, but don't want to add to AD repository. Idea is to have internal users in AD and external users in default OpenKM database repository and manage it in OpenKM, which is for external user accounts sufficient.

We are considering:

1. Create customized PrincipalAdapter to handle ldap and database

2. And less preffered CAS with multiple ldaps. Problem is to maintain additional ldap server and ldap management tool.

Thank you for inputs in advance.

Re: Authentication AD + database

PostPosted:Sun Jul 27, 2014 2:28 pm
by jllort
- First step is clear, create your own LDAP adapter. Really can be easy because you can merge call from existing LDAP adapter and Database adapter in your own class. Here you got the related classes http://sourceforge.net/p/openkm/code/HE ... principal/
- The second could be configure spring security with multiple managers ( I think should be possible, but we've never have done it, possible starting about it could be http://forum.spring.io/forum/spring-pro ... is-applied ). If yo got it running will apreciate be able to share information that can be useful to other user.

Finally there's some problem in administration ( now when you got openkm with database are allowed to add / edit / etc ... operation, but when are connected with ldap adapter you get only readonly view of ldap users and roles ). I think will be good idea do minimal source code change, extending User.java and Role.java with varible boolean readonly ( to identify records from ldap than records from database ). This is an easy source code modification and we can guide you on how doing it. Also should modifify some jsp files like user_list.jsp and role_list.jsp ( really it's very easy doing it ).

Re: Authentication AD + database

PostPosted:Tue Jul 29, 2014 9:00 am
by vrumanko
Yes, thank you for guidance.
I will share sources, if i implement it successfully.

Re: Authentication AD + database

PostPosted:Fri Jul 22, 2022 12:58 pm
by nishant8900
hi,
i am currently using openkm 6.3 CE, and i would like to implement kind of a similar functionality that involves authentication using AD and manage users in database.
could you help me out with such a principal adapter code that provides such a functionality.

Thank you

Re: Authentication AD + database

PostPosted:Tue Aug 02, 2022 8:28 am
by jllort
Take a look at https://github.com/openkm/document-mana ... /principal

here some sample from version 7.1 what maybe used in OpenKM.xml CE https://docs.openkm.com/kcenter/view/ok ... kmxml.html