Class LdapAuthProvider

  • All Implemented Interfaces:
    AuthProvider

    public class LdapAuthProvider
    extends Object
    implements AuthProvider
    Implementation of auth provider interface for LDAP authentication service plug-in. Only plaintext authentication is currently supported.

    Optionally, an authentication cache can be enabled. When enabled, a hashed version of the user's password is cached for a variable length of time (2 hours by default). This can decrease load on the directory and preserve some level of service even when the directory becomes unavailable for a period of time.

    • ldap.authCache.enabled -- true to enable the auth cache.
    • ldap.authCache.size -- size in bytes of the auth cache. If property is not set, the default value is 524288 (512 K).
    • ldap.authCache.maxLifetime -- maximum amount of time a hashed password can be cached in milleseconds. If property is not set, the default value is 7200000 (2 hours).
    Author:
    Matt Tucker