Login to Alfresco share using LDAP email attribute

Authentication is very important part of any application, Alfresco supports different types of authentications like LDAP, pass-through, alfrescoNTLM, Kerberos, and external authentication.

In one of the project we used LDAP and from client we had requirement for Alfresco LDAP authentication using email id. Alfresco provides default authentication using username, while login in Alfresco with email using LDAP was new.

This blog will help to know about creating custom subsystem for login using email id in Alfresco. LDAP provide third party authentication. LDAP has fixed structure, so any organization won’t prefer to change their default LDAP structure. To create custom subsystem for authentication using email id in Alfresco, follow this blog.

There are two different ways to achieve Alfresco LDAP Authentication using email id

(I) Set mail as a BaseDn in your LDAP, which is not recommended

(II) Create your own subsystem which allow you to authenticate using email, before we discuss steps to create auth subsystem, it is important for you to understand Alfresco auth subsystem, to know about it click here.

Steps to create auth subsystem:

(1) Following configuration files are needed for configuration.

• common-ldap-context.xml
  
  TOMCAT_HOME\webapps\alfresco\WEB-INF\classes\alfresco\extension\subsystems\Authentication\subsytem-name\common-ldap-context.xml
• ldap-filter.properties
  TOMCAT_HOME\webapps\alfresco\WEB-INF\classes\alfresco\extension\subsystems\Authentication\subsytem-name\ldap\ldap-filter.properties

• ldap-filter-context.xml
  TOMCAT_HOME\webapps\alfresco\WEB-INF\classes\alfresco\extension\subsystems\Authentication\subsytem-name\ldap\ldap-filter-context.xml

(2) Modify following configuration based on LDAP setting in ldap-filter.properties

Note :- Make sure that userIdAttributeName must be mail

(3) Add following snippet entry in alfresco.global.properties

TOMCAT_HOME\shared\classes\alfresco.global.properties

(4) Create a Class which extends LDAPAuthenticationComponentImpl
Override “authenticateImpl” method and add following snippet.

Add following snippet in your class

(5) Export jar file which contain custom class. Copy exported jar to

TOMCAT_HOME\webapps\alfresco\WEB-INF\lib\

(6) Restart Server.

Now you have created custom authentication subsystem successfully, you able to login Alfresco with LDAP email.

Download it – enprowess-subsystem.zip

I hope this blog helped you in understanding and configuring Ldap authentication using email id, We will keep sharing knowledge.
Stay tuned….

Blog By,
Pradip Patel