I am trying to use LDAP with Spring Boot and Camunda (7.14) using the simple authentication method. As I found in the documentation: https://docs.camunda.org/manual/latest/user-guide/process-engine/identity-service/#activate-the-ldap-plugin to correctly configure LDAP I should use managerDn and managerPassword.
Normally, when using simple authentication, the login and password of the user (who tries to log in) are used to connect to LDAP and check the user's groups in LDAP.
When using the manager, does it connect to LDAP and check groups as this user?
How can I configure LDAP to connect to the LDAP without using managerDn/managerPassword?
When I leave out managerDn/managerPassword I get an error with property connection to LDAP.
In the documentation it’s mentioned as manager, but it’s actually the LDAP bind user. In general, the customer will create one bind user for the application. This will not be used for any login purpose. Each application will use the bind user to query the LDAP; this is required. You cannot query the LDAP server without logging in.
Thanks for the fast response!
Of course you shouldn’t use LDAP without logging in. But the question is, must I use the “manager” user to connect to LDAP? Why can’t I use the login and password of the user who is trying to log in?
Whenever I configured Spring I didn’t need to create any “manager”, because Spring gets the login and password from the user who tries to log in and tries to connect to LDAP using these credentials.
There are two different scenarios.
IdentityService is part of the infrastructure, where the manager credential is required.
Spring is an application and does not require any bind credentials; users can validate using their own credentials.
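
How a bind (manager) account and the end user's own credentials typically work together in a search-then-bind login, sketched with plain JNDI. This is an added example, not part of the thread and not Camunda's plugin code; the class name, server URL, base DN and search filter are constructed placeholders.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class SearchThenBind {
    // Constructed placeholder values, not taken from the thread.
    static final String URL = "ldaps://ldap.example.org:636";
    static final String BASE_DN = "dc=example,dc=org";

    // Opens a connection authenticated with a simple bind as the given DN.
    static DirContext bind(String dn, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env);
    }

    static boolean authenticate(String managerDn, String managerPassword,
                                String userId, String userPassword) throws NamingException {
        // An empty password turns a simple bind into an unauthenticated bind,
        // which many servers accept; reject it before contacting the server.
        if (userPassword == null || userPassword.isEmpty()) return false;

        // Step 1: bind as the service account and resolve the login name to a DN.
        DirContext manager = bind(managerDn, managerPassword);
        String userDn;
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // {0} is substituted by JNDI with escaping, so userId cannot alter the filter.
            NamingEnumeration<SearchResult> hits = manager.search(
                BASE_DN, "(&(objectClass=inetOrgPerson)(uid={0}))", new Object[] {userId}, sc);
            if (!hits.hasMore()) return false;
            userDn = hits.next().getNameInNamespace();
        } finally {
            manager.close();
        }
        // Step 2: verify the password by binding as the user's own DN.
        try {
            bind(userDn, userPassword).close();
            return true;
        } catch (AuthenticationException e) {
            return false;
        }
    }
}
```

The bind account here only needs read access to the user and group subtrees, since the user's password is never compared by the application but checked by the directory in step 2.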