Configuring Multiple LDAP Servers for Authentication Only (OsUser)
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
There are multiple LDAP directories in use that Confluence will need to use for user authentication.
This page relates to a deprecated library, OSUser. For current versions of Confluence, see Configuring multiple LDAP repositories.
The osuser.xml file stores the connection strings for LDAP servers you are trying to connect to. You are able to define multiple {{LDAPCredentialsProvider}} in the osuser.xml which allows for connections to be made to separate LDAP servers hosting different user information. This allows you toAuthenticate with different LDAP users from different server onto Confluence.
Resolution
This is achievable by defining more than one LDAPCredentialsProvider in the osuser.xml file as shown below:
1
2
3
4
5
6
7
8
9
10
11
12
13
<provider class="com.opensymphony.user.provider.ldap.LDAPCredentialsProvider">
<property name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</property>
<property name="java.naming.provider.url">Host1</property>
..............
..............
</provider>
<provider class="com.opensymphony.user.provider.ldap.LDAPCredentialsProvider">
<property name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</property>
<property name="java.naming.provider.url">Host2</property>
..............
..............
</provider>
Was this helpful?