Reuse LDAP, JDBC, etc configuration properties


Jeffrey Simpson

Jun 16, 2025, 3:10:19 PM
to cas-...@apereo.org
I am sending this to the list since it took me forever to figure it out.

Say your system is connecting to an LDAP server. There are a lot of places where you need to fill in the properties for your LDAP server, say for Password Management and Authentication. You don't want to repeat yourself for properties like url, bindDn, etc. Below is how you do it.

Use YAML and its anchor feature.

YAML file before using anchors

cas:
  authn:
    pm:
      ldap[0]:
        bindDn: CN=admin,CN=Users,DC=local,DC=test
        baseDn: CN=Users,DC=local,DC=test
        type: AD
        followReferrals: 'false'
        subtreeSearch: 'true'
        useStartTls: 'true'
        ldapUrl: ldap://server.local.test:389
        trust-store: 'file:///etc/cas/wildcard-yfu-org.pfx'
        trust-store-type: PKCS12
        searchFilter: userPrincipalName={user}
    # ...
    ldap[0]:
      bindDn: CN=admin,CN=Users,DC=local,DC=test
      baseDn: CN=Users,DC=local,DC=test
      type: AD
      followReferrals: 'false'
      subtreeSearch: 'true'
      useStartTls: 'true'
      ldapUrl: ldap://server.local.test:389
      trust-store: 'file:///etc/cas/wildcard-yfu-org.pfx'
      trust-store-type: PKCS12
      searchFilter: userPrincipalName={user}
      principalAttributeList: ${ldap-principalAttributeList}




Now with YAML anchors

# Define the repeating things. &ldap-block defines the scope
ldap-block: &ldap-block
  bindDn: CN=admin,CN=Users,DC=local,DC=test
  baseDn: CN=Users,DC=local,DC=test
  type: AD
  followReferrals: 'false'
  subtreeSearch: 'true'
  useStartTls: 'true'
  ldapUrl: ldap://server.local.test:389
  trust-store: 'file:///etc/cas/wildcard-yfu-org.pfx'
  trust-store-type: PKCS12
  searchFilter: userPrincipalName={user}
cas:
  authn:
    pm:
      ldap[0]:
        # <<: allows us to use the anchor and add more
        <<: *ldap-block
    ldap[0]:
      # <<: * allows us to use the anchor and add more
      <<: *ldap-block
      principalAttributeList: ${ldap-principalAttributeList}






Best,
Jeffrey

Jeffrey Simpson | Director IT
Youth For Understanding USA
For after-hour emergencies, call 1.800.424.3691 to reach YFU on-call staff

Book time to meet with me
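
An added example, not part of the original post: a Ruby check (standard-library YAML only) that loads a constructed sample mirroring the anchored layout above, flattens it to dotted property names, and reports keys whose values differ between the two LDAP blocks. It also shows that an alias with no matching anchor fails at parse time; all function names here are hypothetical.

```ruby
require 'yaml'

# Constructed sample mirroring the anchored layout in the post (shortened).
ANCHORED = <<~'EOS'
  ldap-block: &ldap-block
    bindDn: CN=admin,CN=Users,DC=local,DC=test
    useStartTls: 'true'
    ldapUrl: ldap://server.local.test:389
  cas:
    authn:
      pm:
        ldap[0]:
          <<: *ldap-block
      ldap[0]:
        <<: *ldap-block
        principalAttributeList: ${ldap-principalAttributeList}
EOS

# Same text, but the aliases name an anchor that is never defined.
BAD_ALIAS = ANCHORED.gsub('*ldap-block', '*ldap-non-staff-block')

# Parse with aliases enabled; merge keys (<<) are expanded while loading.
def load_config(text)
  YAML.safe_load(text, aliases: true)
rescue Psych::BadAlias => e
  raise ArgumentError, "alias without a matching anchor: #{e.message}"
end

# Flatten nested maps into dotted names, e.g. cas.authn.ldap[0].bindDn
def flatten(node, prefix = nil, out = {})
  node.each do |key, value|
    name = prefix ? "#{prefix}.#{key}" : key.to_s
    if value.is_a?(Hash)
      flatten(value, name, out)
    else
      out[name] = value
    end
  end
  out
end

# Keys whose values differ between two property prefixes.
def drift(props, a, b, keys)
  keys.reject { |k| props["#{a}.#{k}"] == props["#{b}.#{k}"] }
end

if __FILE__ == $PROGRAM_NAME
  props = flatten(load_config(ANCHORED))
  puts props.select { |k, _| k.start_with?('cas.') }.map { |k, v| "#{k}=#{v}" }
  p drift(props, 'cas.authn.pm.ldap[0]', 'cas.authn.ldap[0]', %w[bindDn useStartTls ldapUrl])
end
```

A key written after the `<<:` line in one block overrides the merged value for that block only, which is the case `drift` is meant to surface.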