LdapClient
Module for outbound LDAP v3 access
Module for outbound LDAP v3 access
The LdapClient module manages connections and access to LDAP directory services.
Each module (instance) manages a single connection to a single directory (a destination). To configure connections to multiple servers, use multiple modules. To increase throughput, increase the number of module instances.
The module provides a service on the internal event bus with a JSON based protocol and a java library for simplified use.
This module is used for all internal LDAP access, including the bundled LDAP valves.
Module name: LdapClient | LDAPClient
| Name | Description | Default | Mandatory |
|---|---|---|---|
| Name | Description | Default | Mandatory |
|---|---|---|---|
name
Destination name. Unique identifier for a specific configuration/connection/service. This value must be unique for all ldapclient configurations.
"default"
instances
Number of instances to deploy.
1
connection
LDAP connection configuration
host
Hostname or Ip-address to LDAP directory service.
port
Listen port of LDAP directory service.
bind_dn
DN of user/account used to connect to LDAP service.
bind_password
Password of user/account used to connect to LDAP service.
connect_timeout_ms
Specifies the maximum length of time in milliseconds that a connection attempt should be allowed to continue before giving up. A value of zero indicates that there should be no connect timeout.
10000
response_timeout_ms
Specifies the maximum length of time in milliseconds that an operation should be allowed to block while waiting for a response from the server. A value of zero indicates that there should be no timeout.
2000
abandon_on_timeout
Specifies whether the LDAP client should attempt to abandon any request for which no response is received in the maximum response timeout period.
true
follow_referrals
Specifies whether associated connections should attempt to follow any referrals that they encounter, using the referral connector for the associated connection.
false
use_keep_alive
Specifies whether to use the SO_KEEPALIVE option for the underlying sockets used by associated connections.
false
use_linger
Specifies whether to use the SO_LINGER option for the underlying sockets used by associated connections.
false
linger_timeout_secs
SO_LINGER timeout in seconds.
30
use_schema
Specifies whether to try to use schema information when reading data from the server (e.g., to select the appropriate matching rules for the attributes included in a search result entry).
true
use_ssl
Specifies if SSL/TLS should be used or not.
true
ssl_trust_all
Turns on/off trust validation for SSL/TLS connections.
false
ssl_truststore_path
Path to custom SSL truststore. If not specified, the default Java truststore will be used.
ssl_truststore_password
Custom truststore password
ssl_truststore_validate_time
Turns on/off peer certificate validity check.
true