update ldap config

docker · Feb 12, 2020 · 1c46402 · 1c46402
1 parent a58f15e
commit 1c46402
Showing 1 changed file with 27 additions and 2 deletions.
diff --git a/conf/attribute-resolver.xml b/conf/attribute-resolver.xml
@@ -203,15 +203,15 @@
 -->
 
     <!-- Example LDAP Connector -->
+<!--
     <DataConnector id="myLDAP" xsi:type="LDAPDirectory"
         ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
         baseDN="%{idp.attribute.resolver.LDAP.baseDN}" 
         principal="%{idp.attribute.resolver.LDAP.bindDN}"
         principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
         useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}"
         connectTimeout="%{idp.attribute.resolver.LDAP.connectTimeout}"
-	<!-- Uncomment the line below when you have configured the referenced property in idp.properties to point to a valid cert -->
-	<!-- trustFile="%{idp.attribute.resolver.LDAP.trustCertificates}" -->
+	trustFile="%{idp.attribute.resolver.LDAP.trustCertificates}"
         responseTimeout="%{idp.attribute.resolver.LDAP.responseTimeout}">
         <FilterTemplate>
             <![CDATA[
@@ -226,6 +226,31 @@
             validateTimerPeriod="%{idp.pool.LDAP.validatePeriod:PT5M}"
             expirationTime="%{idp.pool.LDAP.idleTime:PT10M}" />
     </DataConnector>
+-->
+
+    <!-- Default LDAP Connector (no TLS) -->
+    <DataConnector id="myLDAP" xsi:type="LDAPDirectory"
+        ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
+        baseDN="%{idp.attribute.resolver.LDAP.baseDN}" 
+        principal="%{idp.attribute.resolver.LDAP.bindDN}"
+        principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
+        useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}"
+        connectTimeout="%{idp.attribute.resolver.LDAP.connectTimeout}"
+        responseTimeout="%{idp.attribute.resolver.LDAP.responseTimeout}">
+        <FilterTemplate>
+            <![CDATA[
+                %{idp.attribute.resolver.LDAP.searchFilter}
+            ]]>
+        </FilterTemplate>
+	    <ConnectionPool
+            minPoolSize="%{idp.pool.LDAP.minSize:3}"
+            maxPoolSize="%{idp.pool.LDAP.maxSize:10}"
+            blockWaitTime="%{idp.pool.LDAP.blockWaitTime:PT3S}"
+            validatePeriodically="%{idp.pool.LDAP.validatePeriodically:true}"
+            validateTimerPeriod="%{idp.pool.LDAP.validatePeriod:PT5M}"
+            expirationTime="%{idp.pool.LDAP.idleTime:PT10M}" />
+    </DataConnector>
+
 
     <!-- DataConector for pairwise-id (example depends on saml-nameid.properties). -->