XPlanner supports authentication through LDAP.
Configured with JNDILoginModule XPlanner delegates the authentication of users to a LDAP server.
- They don't have to have yet another set of credentials to remember
- They use their LDAP userid and passwords
- They no longer have to manually synchronize their password when they change it on the LDAP
Current limitations are
- No way to populate users directly from LDAP
- No way for users to self-register
- No configurable default role to be added to any freshly created user
- No notifications (email/RSS) for any security related actions (create user, assign role, remove role, disactivate user...) to either sysadmin, admin or user.
Read the Security User Guide for more background on XPlanner security functionality.
Configuration
See relevant threads here
Usage
User creation
Users have to be created in XPlanner. As of 0.8b4, there isn't any way to have users self-register. A sysadmin has to create the users in xplanner first.
In order to work, the userid of the XPlanner user has to match the LDAP userid.
Once created, that user may be used: the user may log in with his LDAP credentials. However until a project admin assigns a role to him, he won't be able to do anything.
 | There isn't any automatic notification of creation, role assignment to neither users, project admin or sysadmin. The management workflow must be managed entirely outside XPlanner |
Importing users
To alleviate the burden on sysadmins to create users, XPlanner has a bulk import available.
As a sysadmin, the People page has a Import people link that points to a simple upload form. On that page you can find the excel template of the format to pass to XPlanner upload. It contains all the information XPlanner requires to create a user.