LDAPS configuration
In order to use LDAPS authentication, you must configure the LDAPS settings in the standalone-full.xml to match the LDAPS configuration to be used by the installation customer.
| For security reasons Planon recommends to use LDAPS; e.g. LDAP via SSL. |
You can choose the LDAPS solution that suits your requirement. The following section only serves as an example.
If you intend to use the LDAPS login module, make sure that the default Planon login module is not in your standalone-full.xml file. Execute the following command in the JBoss CLI to remove the default Planon login module:
/subsystem=security/security-domain=PlanonSecurityDomain/authentication =classic/login-module= com.planonsoftware.jboss.login.artemis.server.jboss.JBossServerLoginModule/:remove
Execute the following command in the JBoss CLI to remove the CommitPlanonUserLoginModule. This module will be recreated in a later step, we delete it because the CLI only supports adding new login modules. The order of the login module must be updated, this one must always be executed last.
/subsystem=security/security-domain=PlanonSecurityDomain/authentication =classic/login-module= com.planonsoftware.jboss.login.artemis.server.CommitPlanonUserLoginModule/:remove
Ensure your LDAPS server is configured.
| The following screenshot an LDAPS server configuration example that is used as a model in the following configuration. |