Login to Alfresco share using LDAP email attribute

admin June 19, 2017

Authentication is very important part of any application, Alfresco supports different types of authentications like LDAP, pass-through, alfrescoNTLM, Kerberos, and external authentication.

In one of the project we used LDAP and from client we had requirement for Alfresco LDAP authentication using email id. Alfresco provides default authentication using username, while login in Alfresco with email using LDAP was new.

This blog will help to know about creating custom subsystem for login using email id in Alfresco. LDAP provide third party authentication. LDAP has fixed structure, so any organization won’t prefer to change their default LDAP structure. To create custom subsystem for authentication using email id in Alfresco, follow this blog.

There are two different ways to achieve Alfresco LDAP Authentication using email id

(I) Set mail as a BaseDn in your LDAP, which is not recommended

(II) Create your own subsystem which allow you to authenticate using email, before we discuss steps to create auth subsystem, it is important for you to understand Alfresco auth subsystem, to know about it click here.

Steps to create auth subsystem:

(1) Following configuration files are needed for configuration.

  • common-ldap-context.xml

    TOMCAT_HOME\webapps\alfresco\WEB-INF\classes\alfresco\extension\subsystems\Authentication\subsytem-name\common-ldap-context.xml
  • ldap-filter.properties
    TOMCAT_HOME\webapps\alfresco\WEB-INF\classes\alfresco\extension\subsystems\Authentication\subsytem-name\ldap\ldap-filter.properties

  • ldap-filter-context.xml
    TOMCAT_HOME\webapps\alfresco\WEB-INF\classes\alfresco\extension\subsystems\Authentication\subsytem-name\ldap\ldap-filter-context.xml

(2) Modify following configuration based on LDAP setting in ldap-filter.properties

Alfresco LDAP Authentication using email id
Note :- Make sure that userIdAttributeName must be mail

(3) Add following snippet entry in alfresco.global.properties

TOMCAT_HOME\shared\classes\alfresco.global.properties

Alfresco LDAP Authentication using email id

(4) Create a Class which extends LDAPAuthenticationComponentImpl
Override “authenticateImpl” method and add following snippet.

Alfresco LDAP Authentication using email id

Add following snippet in your class

Alfresco LDAP Authentication using email id

(5) Export jar file which contain custom class. Copy exported jar to

TOMCAT_HOME\webapps\alfresco\WEB-INF\lib\

(6) Restart Server.

Now you have created custom authentication subsystem successfully, you able to login Alfresco with LDAP email.

Download it – enprowess-subsystem.zip

I hope this blog helped you in understanding and configuring Ldap authentication using email id, We will keep sharing knowledge.
Stay tuned….

Blog By,
Pradip Patel

Subscribe
Notify of
guest
2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments