Developers Getting Started With i2b2
Space shortcuts
Space Tools

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin


There are a number of parameters that need to be defined in the i2b2 Admin if you want to use LDAP services as your i2b2 authentication method. These parameters are listed in the following table.

 

Parameter Name

Values

Required

authentication_method

LDAP

Yes

connection_url

Example: ldap://ldap.server.company.com:389

Yes

search_base

Example: OU=People, DC=company, DC=com

Yes

distinguished_name

"cuser", "dn:", "uid="

Yes

security_authentication

"none", "simple", "DIGEST-MD5", "CRAM-MD5", "EXTERNAL"

Yes

ssl

"true"

No

security_layer

"auth-conf", "auth-int", "auth-conf,auth-int", "auth-int,auth-conf"

No

privacy_strength

"high", "medium", "low", "high,medium", "high,low", "medium,low"

No

max_buffer

"65536"

No



In the i2b2 there are different types of parameters that can be defined.

 

Individual users login using LDAP authentication

  • In this scenario not all users are affected.
    • Only those users who have the parameters defined with be required to use their network id and password to log into i2b2 Web Client, Workbench and Admin (if they have access).
    • Users who do not have the parameters defined will login using the standard i2b2 authentication method.
  • Type of Parameter: User parameter
    • The parameters are defined on the user level.
    • User parameters only affect the user in which they are entered on.

 

Info
titleNote

For those who are not familiar with the i2b2 Admin, here is a quick note on how to navigate around the pages.

For the most part, the i2b2 Admin is comprised of two panels.

The panel on the left is the Navigation panel and contains a number of items that are displayed in a hierarchical tree. These items are grouped together based on their function. (Manage Hive, Manage Cells, Manage Projects, Manage Users)

The information that displays in the panel on the right is driven by whatever item is selected in the Navigation panel. If you click on Manage Users the Manage Users page will display on the right. If you click on a user name in the Navigation panel the Edit User page will display.

 

Steps to Setup LDAP Parameters

Assumption: The following steps assume you are already logged into the i2b2 Administration Module. If you do not know how to login please see the chapter titled i2b2 Administration Module Install.

 

Warning
titleWarning

The below steps are written for adding a user parameter. If you wish to add a hive parameter you can interchange the first three steps with the following two steps:

1. In the Navigation panel, expand Manage Hive to display a list of items.
2. Click on Global Params.

At this point the steps for adding a parameter are the same so can continue entering you parameters by jumping to the 4th step.

indent
Level1

1. In the Navigation panel, expand Manage Users to display a list of users.

indent
Level3

indent
Level1

2. Expand the name of the user you want to configure for LDAP Authentication.

indent
Level1

3. Click on the Params option that displays under the user's name.

indent
Level1

4. The Parameters List page will display on the right side of the window pane.

indent
Level3

indent
Level1

5. Click on Add New Parameter. The Enter Parameter page will display.

indent
Level3

indent
Level1

6. Enter the following parameter to define the method of authentication.

indent
Level3

Parameter Name: authentication_method

indent
Level3

Parameter Value: LDAP

indent
Level3

Parameter Data Type: Text

indent
Level1

7. Click on Save to save the new parameter.

indent
Level1

8. The Parameters List page will display with the new parameter.

Info
titleNote

The Navigation panel will not automatically refresh to display the new parameter. If you wish to update the list in the Navigation panel you can click on Params and it will refresh the hierarchical tree.

indent
Level1

9. In the Parameters List page click on Add New Parameter to enter another parameter.

indent
Level1

10. Enter the following parameter for the connection URL of your company's LDAP server.

indent
Level3

Parameter Name: connection_url

indent
Level3

Parameter Value: <ldap://ldap.company.com:389>

indent
Level3

Parameter Data Type: Text

Note
titleImportant

These tags < > are used to indicate the value within them is an example. You will need to replace it with the value that is appropriate for your environment.

indent
Level1

11. Click on Save to save the new parameter.

indent
Level1

12. In the Parameters List page click on Add New Parameter to enter another parameter.

indent
Level1

13. Enter the following parameter.

indent
Level3

Parameter Name: search_base

indent
Level3

Parameter Value: <OU=People,DC=company,DC=com>

indent
Level3

Parameter Data Type: Text

Note
titleImportant

These tags < > are used to indicate the value within them is an example. You will need to replace it with the value that is appropriate for your environment.

indent
Level1

14. Click on Save to save the new parameter.

indent
Level1

15. In the Parameters List page click on Add New Parameter to enter another parameter.

indent
Level1

16. Enter the following parameter.

indent
Level3

Parameter Name: distinguished_name

indent
Level3

Parameter Value: <uid=>

indent
Level3

Parameter Data Type: Text

Note
titleImportant

These tags < > are used to indicate the value within them is an example. You will need to replace it with the value that is appropriate for your environment.

indent
Level1

17. Click on Save to save the new parameter.

indent
Level1

18. In the Parameters List page click on Add New Parameter to enter another parameter.

indent
Level1

19. Enter the following parameter.

indent
Level3

Parameter Name: security_authentication

indent
Level3

Parameter Value: <simple>

indent
Level3

Parameter Data Type: Text

Note
titleImportant

These tags < > are used to indicate the value within them is an example. You will need to replace it with the value that is appropriate for your environment.

indent
Level1

20. Click on Save to save the new parameter.

indent
Level1

21. The Parameters List page will display all the new parameters you have entered.

Note
titleImportant

For DIGEST-MD5, add the optional settings for the security layer, privacy strength, or max buffer. If these values are not set, the default values will be used.

indent
Level1

22. Once you have finished entering all the parameters you can click on Params in the Navigation panel.

indent
Level1

23. The hierarchical tree will refresh ad display the new parameters.