First, thanks to those who have gone before in configuring ldap and posting about it here (e.g. [Adding LDAP authentication to login](https://groups.google.com/a/cloudfoundry.org/forum/#!searchin/vcap-dev/ldap/vcap-dev/LqWdKwPsxp0/ubC3dMYHoUcJ) and [Using LDAP with UAA](https://groups.google.com/a/cloudfoundry.org/forum/#!searchin/vcap-dev/ldap/vcap-dev/11OizdQn2-0/UXZ12sXK56EJ)).
I've edited our uaa manifest to include ldap-specific configuration, like so:
```yaml
uaa:
  spring_profiles: ldap
  ldap:
    profile: ldap/ldap-search-and-bind.xml
    base:
      url: 'ldap.ncsu.edu'
      userDn: 'uid={0},dc=mydc,dc=mydomain'
      password: 'mypassword'
      searchBase: 'dc=mydc,dc=mydomain'
      searchFilter: 'ou=accounts,uid={0}'
```
When I used the login server to send a uaa request, uaa logged this:
```
uaa.log:[2014-07-23 01:39:21.024] uaa - 1971 [http-bio-8080-exec-8] .... DEBUG --- BindAuthenticator: Attempting to bind as cn=myid,ou=Users,dc=test,dc=com
```
The bind information appears to correspond to text in [ldap-simple-bind.xml](https://github.com/cloudfoundry/uaa/blob/36efbc0bf6186a4abaf51c04e55cdb2d5e15091b/uaa/src/main/webapp/WEB-INF/spring/ldap/ldap-simple-bind.xml), line 36:

```xml
value="${ldap.base.userDnPattern:cn={0},ou=Users,dc=test,dc=com}" />
```
I tried re-deploying with 'userDnPattern' set, but the bind remained the same.
Two questions:

1. If you've overridden the defaults, how did you go about doing so?
2. Is it possible that the configuration code for uaa (UAAConfiguration.java?) needs to be revised to read in and replace the ldap parameters?
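
An added example, not part of the original post and not UAA's own code: a small Python check of how a Spring-style `${key:default}` placeholder, like the one quoted from ldap-simple-bind.xml, resolves against flattened YAML keys, reporting which keys silently fell back to their built-in default. The manifest values are constructed from the post; the flattening to dotted names, and whether the keys are looked up with or without the `uaa.` prefix, are assumptions for illustration.

```python
import re

# Constructed sample mirroring the manifest in the post, with userDnPattern set.
MANIFEST = {"uaa": {"spring_profiles": "ldap", "ldap": {
    "profile": "ldap/ldap-search-and-bind.xml",
    "base": {"url": "ldap.ncsu.edu",
             "userDnPattern": "uid={0},dc=mydc,dc=mydomain"},
}}}

# Placeholder text as quoted in the post from ldap-simple-bind.xml.
XML_VALUE = 'value="${ldap.base.userDnPattern:cn={0},ou=Users,dc=test,dc=com}"'

# ${key} or ${key:default}; the default may itself contain {0}-style groups.
PLACEHOLDER = re.compile(r"\$\{([^:}]+)(?::((?:[^{}]|\{[^{}]*\})*))?\}")


def flatten(node, prefix=""):
    """Flatten nested maps to dotted property names (assumed lookup form)."""
    out = {}
    for key, value in node.items():
        name = f"{prefix}.{key}" if prefix else key
        if isinstance(value, dict):
            out.update(flatten(value, name))
        else:
            out[name] = value
    return out


def resolve(text, props):
    """Return (resolved_text, keys_that_fell_back_to_their_default)."""
    fallbacks = []

    def substitute(match):
        key, default = match.group(1), match.group(2)
        if key in props:
            return str(props[key])
        if default is None:
            raise KeyError(f"no value and no default for {key}")
        fallbacks.append(key)  # configured value never reached this key
        return default

    return PLACEHOLDER.sub(substitute, text), fallbacks


if __name__ == "__main__":
    layouts = {"keys under uaa.*": MANIFEST, "keys at top level": MANIFEST["uaa"]}
    for label, tree in layouts.items():
        resolved, missed = resolve(XML_VALUE, flatten(tree))
        print(f"{label}: {resolved}  fell back: {missed or 'none'}")
```

A non-empty fallback list means the bind DN comes from the XML default rather than from the manifest, which is worth checking before trusting any deployed authentication settings.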