Denise DeLassandros wants to read her user data from the LDAP directory, but wants to enable users to change their own passwords. She sets all user attributes to read-only, except for j_password .
Some LDAP directories require you to use Secure Sockets Layer (SSL) to protect communication between the user management engine (UME) and the LDAP directory.
For more information, see Configuring SSL Between the UME and an LDAP Directory .
Denise modifies her data source configuration file as follows:
Example
<dataSource id="CORP_LDAP" className="<impl class>" isReadonly="false" isPrimary="true"> ... <responsibleFor> <principal type="user"> <nameSpace name="com.sap.security.core.usermanagement"> <attribute name="uniquename" readonly="true"/> <attribute name="firstname" readonly="true"/> <attribute name="lastname" readonly="true"/> <attribute name="..." readonly="true"/> ... </nameSpace> </principal> <principal type="account"> <nameSpace name="com.sap.security.core.usermanagement"> <attribute name="j_user" readonly="true"/> <attribute name="j_password"/> <attribute name="..." readonly="true"/> … </nameSpace> </principal> </responsibleFor> ... </dataSource>