LDAP can be used for authentication, authorization and user management in WLM.
The authentication and authorization for work list client application through LDAP is based on LDAP realm supported in Glassfish and Java EE security model,
in addition to that, WLM integrates LDAP in providing the following feature:
- Assignment and Escalation to a user/group managed by LDAP
- Provide LDAP xpath functions to allow assign/escalate the task to a user's manager, sends emails to a specific user or his/her manager using the email address on LDAP.
LDAP server configuration
is used for demonstrate the configuration. Please also refer to Ldap realm configuration in glassfish
for examples of setting up LDAP server used in glassfish.
In slapd.conf, core.schema, cosine.schema, inetorgperson.schema are needed.
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
One sample organization looks like this: