...

There are various settings you might want to configure in this file, but for most production use it can remain unchanged.

If you want to use LDAP for user authentication:

  • Set the security.ldap.enable property to true.
  • Using the ${ofbiz install dir}/framework/security/config/jndiLdap.properties file:
    • Change the java.naming.provider.url property to point to your LDAP server.
    • Change the ldap.dn.template to use the Distinguished Name appropriate for your LDAP installation.

If your LDAP installation is simple (all of your users are in a single organizational unit) then these are all the changes needed. If your users are in more than one organizational unit, then you will need to set up each user's distinguished name using the Party Manager View Profile -> Update UserLogin Security Settings screen.

By default, OFBiz will authenticate to LDAP first. If that succeeds, it synchronizes the user's OFBiz password to the user's LDAP password and then proceeds to authenticate the user to OFBiz (using OFBiz's internal permissions logic). If LDAP authentication is unsuccessful, the login does not fail; the user is still authenticated to OFBiz. This is the behavior appropriate for most installations.

If you want the entire authentication process to fail if LDAP authentication fails, then set the security.ldap.fail.login property in ${ofbiz install dir}/framework/security/config/security.properties to true. Only users who are in the LDAP directory will be able to use OFBiz. This would be appropriate for installations that use only the back office (manager) applications.
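As an added example (not part of the OFBiz documentation or code base), the script below reads security.properties and reports which of the LDAP login behaviours described above an installation is configured for. The function names, the temporary sample files, the host name and the DN value are constructed for illustration.

```shell
#!/bin/sh
# Added example (not OFBiz code): classify LDAP login behaviour from security.properties.

# prop_get FILE KEY: print KEY's value (last definition wins); print nothing if unset.
prop_get() {
    awk -v key="$2" '
        /^[ \t]*[#!]/ { next }                          # properties-file comment lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (!match(line, /[ \t]*[=:][ \t]*/)) next  # split on the first separator only
            if (substr(line, 1, RSTART - 1) == key) {
                v = substr(line, RSTART + RLENGTH)
                sub(/[ \t\r]+$/, "", v)
                found = 1
            }
        }
        END { if (found) print v }
    ' "$1"
}

# ldap_posture SECURITY_PROPERTIES: print disabled | fail-open | fail-closed.
# Assumption: values are the lowercase literal "true", as written on this page.
ldap_posture() {
    if [ "$(prop_get "$1" security.ldap.enable)" != "true" ]; then
        echo "disabled"
    elif [ "$(prop_get "$1" security.ldap.fail.login)" = "true" ]; then
        echo "fail-closed"     # an LDAP failure fails the entire login
    else
        echo "fail-open"       # an LDAP failure does not stop the OFBiz login
    fi
}

# Constructed sample files standing in for framework/security/config/.
demo_dir=$(mktemp -d)
cat > "$demo_dir/security.properties" <<'EOF'
# constructed sample
security.ldap.enable=true
security.ldap.fail.login = false
EOF
cat > "$demo_dir/jndiLdap.properties" <<'EOF'
# constructed sample; host and DN are placeholders
java.naming.provider.url=ldap://ldap.example.org:389
ldap.dn.template=uid=PLACEHOLDER,ou=people,dc=example,dc=org
EOF

echo "posture:  $(ldap_posture "$demo_dir/security.properties")"
echo "server:   $(prop_get "$demo_dir/jndiLdap.properties" java.naming.provider.url)"
echo "template: $(prop_get "$demo_dir/jndiLdap.properties" ldap.dn.template)"
```

Point the two functions at the real files under ${ofbiz install dir}/framework/security/config/ to check a deployed instance.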

URL and Port Settings

The following configuration files contain port configuration that may be configured for custom OFBiz installations:

...