
Checklist for putting Json2Ldap in production

We put together a brief checklist for putting an instance of Json2Ldap in production.

The main concern of this checklist is security:

  • Securing the HTTP connections from web clients to Json2Ldap;
  • Securing LDAP connections from Json2Ldap to your directory server(s).

Configure Json2Ldap so that:

  • Web clients are required to use HTTPS.
  • Write requests are denied if the directory will be used only for read operations from the web.
  • Sensible connection limits per web client IP and directory user are set.
  • The LDAP connections to the directory server are always made over TLS/SSL.
  • If you have a single directory server, it is set as the default one, so its host details do not need to be exposed to web clients and they can connect to it just by knowing the Json2Ldap URL.
  • Logging of web client requests is turned on.

These and a number of other Json2Ldap policy settings are explained in the configuration manual.

If you have a question regarding configuration, please let us know by contacting support or posting a comment here.