If I use Microsoft Active Directory or Novel eDirectory as External Security System is there any possibility to specify an additional environment property / attribute? Examples are java.naming.referral (which is on Ivy set to follow per default) or java.naming.ldap.derefAliases etc.

With 7.2 and later:

Just configure it in the ivy.yaml like this:

    Provider: "Microsoft Active Directory"
      Url: ldap://localhost:389
        # Specifying how referrals encountered by the service provider are to be processed. Possible values are... follow, ignore, throw
        # https://docs.oracle.com/javase/jndi/tutorial/ldap/referral/index.html
        "java.naming.referral": ignore

See the ivy.yaml file reference section in the engine guide.


Before 7.2:

Yes this is possible, but unfortunately not configurable by the Administration UI by now. The following Steps are needed if you do it by Admin UI and Database Editor:

  1. Configure the additional properties by using the Administration UI and add them to the User Properties Edit User Properties
  2. Stop the Ivy Server/Engine
  3. Open a Database Editor and go to table IWA_ApplicationProperty
  4. Change the PropertyName from JndiAAA.UsrAttr.yourAdditionAttributeKey to JndiAAA.AddEnv.yourAdditionAttributeKey (e.g. JndiAAA.UsrAttr.java.naming.referral to JndiAAA.AddEnv.java.naming.referral)
  5. Start the Ivy Server/Engine, the additional attributes are now used

It is also possible to set the properties per API. Just create a Simple helper Project/Process and upload it to the Server with the following Code:

// set additional property "java.naming.referral" to "ignore"

// remove additional property "java.naming.referral"

