Configuring LDAP Authentication

Using the AuthProviderLDAP class, you can configure Connect Daily to authenticate Users against a central LDAP directory service. Connect Daily can also set group memberships based on LDAP/AD group memberships.

Create a User within the calendar database that has administrator privileges. The name of the User should be the name of the User that exists within the directory.
Add a line to the cdaily-3.4.11/WEB-INF/configuration.properties that specifies the LDAP authentication provider:

AuthenticationProvider=com.mhsoftware.cdaily.support.security.AuthProviderLDAP
Active Directory Users should follow the steps in SSL LDAP Setup on Windows section in Configuring Active Directory Authentication.
UNIX Users should get the SSL certificate used by the LDAP server and put it in a local keystore file. On Linux the steps were:

openssl x509 -inform pem -in /usr/share/ssl/certs/slapd.pem \
-outform der -out ~/slapd.der

keytool -import -file ~/slapd.der -keystore \
~/sslkey.keystore -alias "type=r.name=sslkey"
Edit the ldap.properties file located in the cdaily-3.4.11/WEB-INF directory. This file is heavily commented and should be pretty easy to follow.
If you want Connect Daily to synchronize it's group memberships with your LDAP source, edit each Connect Daily user group and set the LDAP equivalent groups.

Once you have all the steps completed and verified the LDAP authentication is working properly, stop the Connect Daily service and restart it.

If it doesn't work, refer to the topic for Debugging LDAP/Active Directory Authentication.

If desired, you can customize the included source file for this provider and override how it works. If you do this, you will need to change the class name and deploy the compiled file into the cdaily-3.4.11/WEB-INF/classes sub-directory. Set the AuthenticationProvider entry in the configuration.properties file to point to your new class name.