| <!-- |
| ~ Licensed to the Apache Software Foundation (ASF) under one |
| ~ or more contributor license agreements. See the NOTICE file |
| ~ distributed with this work for additional information |
| ~ regarding copyright ownership. The ASF licenses this file |
| ~ to you under the Apache License, Version 2.0 (the |
| ~ "License"); you may not use this file except in compliance |
| ~ with the License. You may obtain a copy of the License at |
| ~ |
| ~ http://www.apache.org/licenses/LICENSE-2.0 |
| ~ |
| ~ Unless required by applicable law or agreed to in writing, |
| ~ software distributed under the License is distributed on an |
| ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| ~ KIND, either express or implied. See the License for the |
| ~ specific language governing permissions and limitations |
| ~ under the License. |
| --> |
| <div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">LDAP server URL*:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="providerUrl" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'providerUrl', |
| required: true, |
| placeHolder: 'ldap://host:port', |
| title: 'Enter LDAP server URL', |
| promptMessage: 'LDAP server URL'"/> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">LDAP authentication URL</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="providerAuthUrl" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'providerAuthUrl', |
| placeHolder: 'ldap://host:port', |
| title: 'Enter optional LDAP authentication URL', |
| promptMessage: 'URL of LDAP server for performing \'ldap bind\'. If not specified, the LDAP server URL will be used for both searches and authentications'"/> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Trust Store:</div> |
| <div class="tableContainer-valueCell formLabel-controlCell"> |
| <select class="trustStore" data-dojo-type="dijit/form/FilteringSelect" |
| data-dojo-props=" |
| required: false, |
| name: 'trustStore', |
| placeHolder: 'Select trust store', |
| promptMessage: 'Select the trust store containing the certificate of the CA that signs to LDAP servers certificate', |
| title: 'Select trust store for secure connection', |
| searchAttr: 'name'"> |
| </select> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">LDAP Context Factory:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="ldapContextFactory" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'ldapContextFactory', |
| placeHolder: 'com.sun.jndi.ldap.LdapCtxFactory', |
| title: 'Enter fully qualified class name for LDAP Context Factory', |
| promptMessage: 'Fully qualified class name for LDAP Context Factory'"/> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Authentication Method:</div> |
| <div class="tableContainer-valueCell formLabel-controlCell"> |
| <select class="authenticationMethod" data-dojo-type="dijit/form/FilteringSelect" |
| id="ldapAuthenticationMethod" |
| data-dojo-props=" |
| required: false, |
| name: 'authenticationMethod', |
| placeHolder: 'Select authentication method', |
| promptMessage: 'Select authentication method to bind into LDAP server', |
| title: 'Select authentication method to bind into LDAP server', |
| searchAttr: 'name'"> |
| </select> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Login Config Scope:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="loginConfigScope" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'loginConfigScope', |
| placeHolder: 'loginConfigScope', |
| title: 'Login configuration name for GSSAPI authentication', |
| promptMessage: 'Login configuration name for GSSAPI authentication'"/> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Search username:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="searchUsername" |
| id="ldapSearchUsername" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'searchUsername', |
| placeHolder: 'username', |
| title: 'Enter username for authenticated search', |
| promptMessage: 'The username used to authenticate to the directory in order to perform the search. If not specified, an anonymous bind is used to perform the search'"/> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Search password:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="password" class="searchPassword" |
| id="ldapSearchPassword" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'searchPassword', |
| placeHolder: '****', |
| title: 'Enter password for authenticated search', |
| promptMessage: 'The password to be used with the search username'"/> |
| </div> |
| </div> |
| |
| <div class="clear formBox"> |
| <fieldset> |
| <legend>User Search</legend> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Search context*:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="searchContext" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'searchContext', |
| required: true, |
| placeHolder: 'dc=users,dc=example,dc=com', |
| title: 'Enter search context', |
| promptMessage: 'Identifies the entry that is the base of the subtree containing users'"/> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Search filter*:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="searchFilter" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'searchFilter', |
| required: true, |
| placeHolder: '(uid={0})', |
| title: 'Enter user search filter ', |
| promptMessage: 'Filter expression used to locate users within the subtree. {0} will be replaced by the user id.'"/> |
| </div> |
| </div> |
| |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Authenticate without search:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="bindWithoutSearch" id="addAuthenticationProvider.simpleldap.bindWithoutSearch". |
| data-dojo-type="dijit/form/CheckBox" |
| data-dojo-props=" name: 'bindWithoutSearch' " /> |
| </div> |
| </div> |
| <div data-dojo-type="dijit/Tooltip" |
| data-dojo-props="connectId: ['addAuthenticationProvider.simpleldap.bindWithoutSearch'], |
| label: 'If selected, the provider will not search the directory'"> |
| </div> |
| </fieldset> |
| </div> |
| |
| <div class="clear formBox"> |
| <fieldset> |
| <legend>Additional Group Information <span id="addAuthenticationProvider.simpleldap.groupSearchLegend" class="infoPane"></span></legend> |
| <div data-dojo-type="dijit/Tooltip" |
| data-dojo-props="connectId: ['addAuthenticationProvider.simpleldap.groupSearchLegend']"> |
| There are two common ways of representing group membership in LDAP.<br/> |
| <ul> |
| <li> |
| User entries can hold membership information as attribute.<br/> |
| To use this simply specify the name of the attribute that holds<br/> |
| the group information. |
| </li> |
| <li> |
| Group entries can hold a list of their members as attribute.<br/> |
| You can specify a search context and filter to find all groups<br/> |
| that the user should be considered a member of. Typically this<br/> |
| involves filtering groups by looking for the user's DN on a<br/> |
| group attribute. |
| </li> |
| </ul> |
| </div> |
| <div id="ldapGroupInfoRadioGroup"> |
| <div class="clear"> |
| <input id="ldapGroupInfoRadioButtonNone" type="radio" name="groupInfo" value="none" data-dojo-type="dijit/form/RadioButton" checked /> |
| <label for="ldapGroupInfoRadioButtonNone">No Additional Group Information from LDAP</label> |
| </div> |
| <div class="clear"> |
| <input id="ldapGroupInfoRadioButtonAttribute" type="radio" name="groupInfo" value="attribute" data-dojo-type="dijit/form/RadioButton"/> |
| <label for="ldapGroupInfoRadioButtonAttribute">Group Membership from User Entry Attribute</label> |
| <div class="clear radioButtonIndent" id="ldapGroupInfoRadioButtonAttributeContent"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Attribute name:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="groupAttributeName" disabled |
| id="ldapGroupInfoRadioButtonAttributeContentAttrName" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'groupAttributeName', |
| placeHolder: 'groupMembership', |
| title: 'Enter name of user entry attribute holding the group memberships', |
| promptMessage: 'The name of the attribute on the user entry that<br/>holds the group membership information.'"/> |
| </div> |
| </div> |
| </div> |
| <div class="clear"> |
| <input id="ldapGroupInfoRadioButtonQuery" type="radio" name="groupInfo" value="query" data-dojo-type="dijit/form/RadioButton"/> |
| <label for="ldapGroupInfoRadioButtonQuery">Group Membership from Query</label> |
| <div class="radioButtonIndent" id="ldapGroupInfoRadioButtonQueryContent"> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Search context:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="groupSearchContext" disabled |
| id="ldapGroupInfoRadioButtonQueryContentSearchContext" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'groupSearchContext', |
| placeHolder: 'dc=groups,dc=example,dc=com', |
| title: 'Enter group search context', |
| promptMessage: 'The entry that is the base of the subtree containing groups'"/> |
| </div> |
| </div> |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Search filter:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="groupSearchFilter" disabled |
| id="ldapGroupInfoRadioButtonQueryContentSearchFilter" |
| data-dojo-type="dijit/form/ValidationTextBox" |
| data-dojo-props=" |
| name: 'groupSearchFilter', |
| placeHolder: '(uniquemember={0})', |
| title: 'Enter group search filter', |
| promptMessage: 'Filter expression used to locate groups containing the user.<br/>{0} will be replaced by the user DN.'"/> |
| </div> |
| </div> |
| |
| <div class="clear"> |
| <div class="formLabel-labelCell tableContainer-labelCell">Subtree search scope:</div> |
| <div class="formLabel-controlCell tableContainer-valueCell"> |
| <input type="text" class="groupSubtreeSearchScope" disabled |
| id="ldapGroupInfoRadioButtonQueryContentSubtreeSearch" |
| data-dojo-type="dijit/form/CheckBox" |
| data-dojo-props=" name: 'groupSubtreeSearchScope' "/> |
| </div> |
| </div> |
| <div data-dojo-type="dijit/Tooltip" |
| data-dojo-props="connectId: ['ldapGroupInfoRadioButtonQueryContentSubtreeSearch'], |
| label: 'If selected, the search for group entries is performed<br/>in the entire subtree of the group search context'"> |
| </div> |
| </div> |
| </div> |
| </div> |
| |
| </fieldset> |
| </div> |
| </div> |