...

  • path : Path for login authentication, e.g. '/login' will set up a new HTTP route at 'auth/ad/login' for authentication
  • url : LDAP server URL
  • bindDN : Admin connection DN, e.g. uid=myapp,ou=users,dc=example,dc=org. Optional. If it is not given at all, the admin client is not bound. Giving an empty string may result in an anonymous bind when allowed.
  • bindCredentials : Password for bindDN
  • searchBase : The base DN from which to search for users by username, e.g. ou=users,dc=example,dc=org
  • searchFilter : LDAP search filter with which to find a user by username and group, e.g. '(&(sAMAccountName={{username}})(memberOf=CN=OSIV-Ivdat,OU=OSIV,DC=de,DC=ivnet,DC=ch))'. Use the literal {{username}} to have the given username interpolated into the LDAP search.
  • errorMessages : Options for the possible authentication error messages
     [optionserrorMessages.badRequestMessage] - 'Missing credentials' - Message for missing username/password
     [optionserrorMessages.invalidCredentials] - 'Invalid username/password' - Message for InvalidCredentialsError, NoSuchObjectError, and /no such user/ LDAP errors
     [optionserrorMessages.userNotFound] - 'Invalid username/password' - Message for user not found
     [optionserrorMessages.constraintViolation] - 'Exceeded password retry limit, account locked' - Message when account is locked (or other constraint violation)
     [optionserrorMessages.invalidLogonHours] - 'Not Permitted to login at this time'  - Message for Windows AD invalidLogonHours error
     [optionserrorMessages.invalidWorkstation] - 'Not permited to logon at this workstation' - Message for Windows AD invalidWorkstation error
     [optionserrorMessages.passwordExpired] - 'Password expired' - Message for Windows AD passwordExpired error
     [optionserrorMessages.accountDisabled] - 'Account disabled' - Message for Windows AD accountDisabled error
     [optionserrorMessages.accountExpired] - 'Account expired' - Message for Windows AD accountExpired error
     [optionserrorMessages.passwordMustChange] - 'User must reset password' - Message for Windows AD passwordMustChange error
     [optionserrorMessages.accountLockedOut] - 'User account locked' - Message for Windows AD accountLockedOut error
     [optionserrorMessages.noSuchObject] - 'Bad search base' - Bad search base in LDAP query
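
The {{username}} interpolation and the bindDN caveat above, as an added example that is not part of the original page or of the module it documents. The function names escapeFilterValue, buildSearchFilter and checkLdapOptions are hypothetical; whether the module escapes the username itself is not stated here, so the sketch shows the RFC 4515 escaping that the interpolation needs and a pre-flight check of the options.

```javascript
'use strict';
// Added example; all function names are hypothetical, not the module's API.

// RFC 4515 section 3: these characters must appear as \XX inside a filter value.
const FILTER_ESCAPES = { '\\': '\\5c', '*': '\\2a', '(': '\\28', ')': '\\29', '\0': '\\00' };

function escapeFilterValue(value) {
  return String(value).replace(/[\\*()\0]/g, (ch) => FILTER_ESCAPES[ch]);
}

// Replace every literal {{username}} with the escaped value. split/join is used
// instead of String.replace so that '$&'-style patterns in the input stay inert.
function buildSearchFilter(template, username) {
  return template.split('{{username}}').join(escapeFilterValue(username));
}

// Flag option combinations that the descriptions above warn about.
function checkLdapOptions(opts) {
  const findings = [];
  if (opts.bindDN === '') {
    findings.push('bindDN is an empty string: may result in an anonymous bind');
  }
  // A DN with an empty password is an unauthenticated bind (RFC 4513, 5.1.2).
  if (opts.bindDN && !opts.bindCredentials) {
    findings.push('bindDN is set but bindCredentials is empty');
  }
  if (typeof opts.searchFilter !== 'string' || !opts.searchFilter.includes('{{username}}')) {
    findings.push('searchFilter does not contain the literal {{username}}');
  }
  return findings;
}

// Constructed sample options, built from the example values on this page.
const sampleOptions = {
  url: 'ldap://ldap.example.org',          // constructed placeholder host
  bindDN: '',                              // empty string: flagged below
  searchBase: 'ou=users,dc=example,dc=org',
  searchFilter: '(&(sAMAccountName={{username}})(memberOf=CN=OSIV-Ivdat,OU=OSIV,DC=de,DC=ivnet,DC=ch))',
};

console.log(checkLdapOptions(sampleOptions));
// A username carrying filter metacharacters stays a single literal value:
console.log(buildSearchFilter(sampleOptions.searchFilter, 'x)(sAMAccountName=*'));
```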

...