Configuring the LDAP client certificate filter

Configure the LDAP client certificate filter, which maps attributes in a client certificate to entries in the LDAP directory.

Procedure

  1. Using the WebSphere® Application Server administrative console, click Security > Global security.
  2. In the User account repository section, select Standalone LDAP registry from the Available realm definitions list and click Configure.
  3. In the Additional Properties section, click Advanced Lightweight Directory Access Protocol (LDAP) user registry settings.
  4. Select CERTIFICATE_FILTER from the Certificate map mode list.
  5. Enter an LDAP filter string in the Certificate filter text field.
    The filter is used to map attributes in the client certificate to entries in the LDAP directory.
    For example, the following filter maps the SubjectCN field in the client certificate to the uid field in the LDAP directory: uid=${SubjectCN}.
  6. Click Apply. Then, click Save.
  7. Repeat steps 1-6 to configure additional LDAP search filters, as needed. For more information about configuring LDAP search filters, see the WebSphere Application Server Information Center (V8.0, V8.5).
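
The following added example, which is not part of the original procedure and is not WebSphere code, models how a certificate filter such as uid=${SubjectCN} turns into an LDAP search filter, so that a filter string can be previewed against sample subjects before it is entered in step 5. The function names, the RFC 4515 escaping of the substituted value, and the handling of ${Subject<attr>} names other than SubjectCN are assumptions of this example.

```python
import re

# RFC 4515 requires these characters to be written as \XX inside a filter value.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}

# Matches ${SubjectCN}; other ${Subject<attr>} names are handled the same way
# here as an assumption of this example.
_VARIABLE = re.compile(r"\$\{Subject([A-Za-z]+)\}")


def escape_filter_value(value):
    """Escape a certificate-supplied string for use as an LDAP filter value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def expand_certificate_filter(template, subject):
    """Return the LDAP search filter that template yields for one certificate.

    subject is a dict of subject attributes, for example {"CN": "jsmith"}.
    """
    def substitute(match):
        attr = match.group(1).upper()
        if attr not in subject:
            # A certificate without the mapped attribute cannot be mapped.
            raise KeyError("certificate subject has no %s attribute" % attr)
        return escape_filter_value(subject[attr])

    return _VARIABLE.sub(substitute, template)


# Constructed sample subjects, not taken from any real certificate.
SAMPLES = [
    {"CN": "jsmith", "O": "Example Corp"},
    {"CN": "Smith (contractor)", "O": "Example Corp"},
    {"CN": "*", "O": "Example Corp"},
]

if __name__ == "__main__":
    for subject in SAMPLES:
        print(subject["CN"], "->",
              expand_certificate_filter("uid=${SubjectCN}", subject))
```

A filter that maps a certificate to an account should select exactly one directory entry, so a value such as * must reach the directory as the literal character and not as a wildcard.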