Sun Java System Application Server 9.x (glassfish) External JNDI LDAP Resource Part II

In my recent blog entry on configuring an external JNDI LDAP entry, I showed how to connect to an LDAP server as a JNDI reference. This assumes that the LDAP server is on the local machine and that it allows anonymous authentication. Usually this is not the case. I will cover how to use a login to an LDAP server which requires a little more configuration.

Prerequisites:

• A working LDAP server
• A login which can browse the directory tree

Instructions:

Please follow the directions in my previous blog entry to set up the basic external JNDI resource. The Sun Java System Application Server 9.1 Administration Guide is incorrect on how to set the properties. It refers to using some properties that are defined for LDAP like PROVIDER-URL. Unfortunately, to use them you would need to prefix them with the appropriate class. So we will use an alternate tack and use them by their fully qualified names. Add the following properties to the entry.

PROVIDER-URL:
java.naming.provider.url

SECURITY_PRINCIPAL:
java.naming.security.principal

SECURITY_AUTHENTICATION:
java.naming.security.authentication

SECURITY_CREDENTIALS:
java.naming.security.credentials

Since we have the fully qualified names, we can use them to set the properties for our external JNDI resource. See the image below.


Once you have the properties set and saved, you will have a complete external JNDI LDAP connection.

Congratulations!