This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
This site is in read only until July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

How LDAP policy works

Posted on 11-16-2017 05:36 PM
oyamatakuro
New Member
Reply posted on --/--/---- --:-- AM

I have two questions on the LDAP policy in Edge for Private Cloud v4.17.01

It works when I issue api request with the username and password in the header by curl. Of course it fails when I specify the wrong username or password.

But when I issue the api request with no entities of username and password in the header, it looks like that the authenticaion succeeds and the api successfully continues.

Question1. Why does not the ldap authetication fail even if no username and password are given?

My configuration of LDAP policy is as follows.

<Authentication>  
  <UserName ref="request.header.username"/>  
  <Password ref="request.header.password"/> 
  <Scope>subtree</Scope>  
  <BaseDN/>  
</Authentication>

Question2. Cannot we use apigee edge organization users in the LDAP policy?

Alhough I tested the LDAP policy with some edge ui credentials instead of apigee system admin DN and ldap password, the authentication failed.
I guess the edge ui password and ldap password is not exactly the same or I specified the wrong DN for the organization users in the api request header.

Thanks,

2 3 1,166
Topic Labels
Reply
3 REPLIES 3
Top Solution Authors
View all