2 Replies Latest reply: Nov 28, 2013 7:10 AM by Christian Neumueller-Oracle RSS

    Ssl Authentication with Open Ldap

    oraman

      Hi experts,

       

      I would like to know if it's technically possible to use Open Ldap authentication, (Type: ssl with authentication) in apex 4.1 ?

      We have rhel6 server, oracle 11gr2.

       

      According to our Ldap admin there is following requirement:

      the apex application should use openldap with ssl (not tls). it should use port 636 and self signed CA certificate. the application should authenticate via ldap with password and username.

       

      Google showed me only AD and OID Ldap. I couldn't find any information for compatibility of oracle wallet with open ldap.

       

      any links with howto import ssl certificates from open-ldap to oracle wallet would be nice.

       

      thank you for help

        • 1. Re: Ssl Authentication with Open Ldap
          oraman

          got it to work now!

           

          is it possible to restrict the authentication to members of one ldap group with the help of

          authentication schema - settings - search filter

          ?

          • 2. Re: Ssl Authentication with Open Ldap
            Christian Neumueller-Oracle

            Hi Oraman,

             

            you can set "Use Exact Distinguished Name" to "No" and try to add the group restriction to the search filter. As an alternative, create an authorization scheme that does a group search with DBMS_LDAP (the APEX_LDAP group membership functions are specific to Oracle's LDAP server) and apply the authorization scheme at application level. Your application code will have to contain the wallet path and password, though. DBMS_LDAP does not access the wallet information of the APEX instance settings.

             

            Regards,

            Christian