Error validating ldap url and credentials

14-Dec-2017 13:13

Here's a detailed explanation: This code is not following security best practices because it provides different responses for the wrong user ID and wrong password.This is acceptable in a sample application such as this one, because it makes debugging easier but not in a production environment.The way those job roles are typically expressed in LDAP is as a membership in a group.Group objects typically have the object class and a member attribute that is multi-valued.

This is a very simple algorithm that performs without costing too much in memory or CPU.

However, each session stays with the old flag for one hour, so no session is deleted before it reaches an hour, and no session survives past 2 hours.

In a production application, sessions are usually preserved until the user becomes inactive.

For instructions, see "Connect to your data center with the Bluemix Secure Gateway service."Typically, the server connection information is stored as configuration parameters to make it easy for operations staff to change it if necessary (see Step 5 in "Build a self-posting Facebook application with Bluemix and the MEAN stack, Part 3").

However, for the purposes of this tutorial, I want to give you the ability to point the application at your own LDAP server.

To access either page, a user needs to be a member of a specific LDAP group.