How to configure mixed-mode security (native and LDAP) in Neo4j
For environments where you need both LDAP authentication as well as some native user accounts, there is a way to allow this in Neo4j 3.1 and newer. Use the configuration setting dbms.security.auth_providers
instead of the singular version dbms.security.auth_provider
. This will allow you to supply a list of providers to use for authentication.
To allow both LDAP and native users to login, use the following setting in conf/neo4j.conf
:
dbms.security.auth_providers=ldap,native
To control at a finer level which auth provider does (authentication and/or authorization), use the following settings as well (in the example we are setting all to true
, but this can differ based on specific needs):
dbms.security.native.authentication_enabled=true
dbms.security.native.authorization_enabled=true
dbms.security.ldap.authentication_enabled=true
dbms.security.ldap.authorization_enabled=true
Was this page helpful?