184.108.40.206. REST API Authentication with LDAP
LDAP Authentication for REST can be enabled using the following properties:
cuba.rest.ldap.enabled- whether LDAP authentication is enabled or not.
cuba.rest.ldap.urls– LDAP server URL.
cuba.rest.ldap.base– base DN for user search.
cuba.rest.ldap.user– the distinguished name of a system user which has the right to read the information from the directory.
cuba.rest.ldap.password– the password for the system user defined in the cuba.web.ldap.user property.
cuba.rest.ldap.userLoginField- the name of an LDAP user attribute that is used for matching the login name.
sAMAccountNameby default (suitable for Active Directory).
Example of local.app.properties file:
cuba.rest.ldap.enabled = true cuba.rest.ldap.urls = ldap://192.168.1.1:389 cuba.rest.ldap.base = ou=Employees,dc=mycompany,dc=com cuba.rest.ldap.user = cn=System User,ou=Employees,dc=mycompany,dc=com cuba.rest.ldap.password = system_user_password
You can obtain OAuth token using the following end-point:
An access to this endpoint is protected with the basic authentication. REST API client identifier and password are used for basic authentication. Please note that these are not the application user login and password. REST API client id and password are defined in the application properties cuba.rest.client.id and cuba.rest.client.secret (the default values are
secret). You must pass the client id and secret, separated by a single colon (":") character, within a base64 encoded string in the
Request parameters are the same as for standard authentication:
username- application user login.
password- application user password.
The request type must be
application/x-www-form-urlencoded, the encoding is
Also, standard authentication with login and password can be disabled:
cuba.rest.standardAuthenticationEnabled = false