4.8.2 Authentication Schemes
Daisy provides its own password authentication, but it is also possible to delegate the authentication to an external system. At the time of this writing, Daisy ships with support for authentication using LDAP and NTLM. It is possible to configure multiple authentication schemes and to have different users authenticated against different authentication schemes.
The authentication schemes are configured in the myconfig.xml file (which is located in <daisy-data-dir>/conf). Just search on "ldap" or "ntlm" and you'll see the appropriate sections. After making changes there, you will need to restart the repository server. To let users use the newly defined authentication scheme(s), you need to edit their settings via the user editor on the administration pages.
As of Daisy 2.4 Daisy does automatic synchronisation of user information (such as updating the e-mail address based on what is stored in LDAP). When a user is not found in the Daisy user store an external system will be consulted. If the user is found there this user will be auto created on the first login. To enable this feature, search in the myconfig.xml file for "authenticationSchemeForUserCreation". If the authentication scheme fetches user data from the external system to put into the user object found in Daisy then a service will regularly check that external system for updates.
To debug authentication problems, look at the log files in <daisy-data-dir>/logs/daisy-request-errors-<date>.log. Problems in the configuration of the authentication schemes do not ripple through over the HTTP interface of the repository, thus are not visible in the Daisy Wiki.
188.8.131.52 Implementing new authentication schemes
For real samples, simply look at the source code of the NTLM and LDAP schemes. For this, download the Daisy source code, you'll find them in the following directories:
services/ldap-auth services/ntlm-auth services/trusted-auth #see
Trusted Application Authentication