
Authentication failed with LDAP Policy

I am using the LDAP policy with a search query to get data from the LDAP server
(the data I need is the number of remaining failed attempts to log in).

I am using a custom LDAP provider with this example (I downloaded the source code from the docs): "com.custom.ldap.ExternalLdapConProvicer"

--------------------------------------------------
<Ldap async="false" continueOnError="false" enabled="true" name="LDAP-1">
    <DisplayName>LDAP-1</DisplayName>
    <!-- using a custom LDAP provider -->
    <LdapConnectorClass>com.custom.ldap.ExternalLdapConProvicer</LdapConnectorClass>
    <LdapResource>ldap1</LdapResource>
    <Search>
        <BaseDN>CN=  ,CN=  ,DC=  ,DC=  </BaseDN>
        <SearchQuery>username={the.username}</SearchQuery>
        <Attributes>
            <Attribute>address</Attribute>
            <Attribute>phone</Attribute>
            <Attribute>title</Attribute>
        </Attributes>
        <Scope>subtree</Scope>
    </Search>
</Ldap>

@dchiesa1 


I see.

Maybe you could write a custom LDAP provider, and within the logic of that provider, perform the inquiry on the user account, and obtain the information about remaining attempts.  Unfortunately I am not clear on the interface for the custom LDAP provider that is described here.  Just looking at the text there, I don't see how you could return that information via your custom provider. And I don't see the javadocs for the custom LDAP provider. There is no description for how the interface is expected to work, whether you can return additional information, and so on. 

The other option is for you to connect to LDAP via some other mechanism; not via the LDAP policy and a custom provider, but via a microservice that you build and run outside of Apigee. And then you could connect to that service from Apigee with a ServiceCallout.  

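The second option from the accepted answer, sketched as an added example (not code from the thread or from the Apigee docs): a ServiceCallout policy that asks an external service for the account's lockout status, followed by an ExtractVariables policy that reads the result into a flow variable. The policy names, the service URL, the JSON field `remainingAttempts`, and every variable name other than `the.username` are assumptions.

```xml
<!-- File 1 (hypothetical name): SC-LdapLockoutStatus.xml -->
<ServiceCallout continueOnError="false" enabled="true" name="SC-LdapLockoutStatus">
    <DisplayName>SC-LdapLockoutStatus</DisplayName>
    <Request clearPayload="true" variable="lockoutRequest">
        <!-- Fail the policy if the.username is not set, rather than sending an empty value -->
        <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
        <Set>
            <Verb>POST</Verb>
            <!-- Form body keeps the username out of the URL and out of URL-based access logs.
                 The service must still escape this value (RFC 4515) before placing it in an
                 LDAP search filter. -->
            <FormParams>
                <FormParam name="username">{the.username}</FormParam>
            </FormParams>
        </Set>
    </Request>
    <Response>lockoutResponse</Response>
    <!-- Milliseconds; keep it short so a slow directory does not stall the proxy -->
    <Timeout>5000</Timeout>
    <HTTPTargetConnection>
        <SSLInfo>
            <Enabled>true</Enabled>
        </SSLInfo>
        <!-- Assumed endpoint of the microservice that runs outside Apigee -->
        <URL>https://ldap-helper.internal.example/v1/lockout-status</URL>
    </HTTPTargetConnection>
</ServiceCallout>

<!-- File 2 (hypothetical name): EV-LockoutStatus.xml -->
<ExtractVariables continueOnError="false" enabled="true" name="EV-LockoutStatus">
    <DisplayName>EV-LockoutStatus</DisplayName>
    <Source clearPayload="false">lockoutResponse</Source>
    <!-- Result is available as the flow variable ldapinfo.remainingAttempts -->
    <VariablePrefix>ldapinfo</VariablePrefix>
    <JSONPayload>
        <!-- Assumes the service replies with JSON such as {"remainingAttempts": 2} -->
        <Variable name="remainingAttempts" type="integer">
            <JSONPath>$.remainingAttempts</JSONPath>
        </Variable>
    </JSONPayload>
</ExtractVariables>
```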
