#742 add bind dn and password

src/main/java/org/codelibs/fess/Constants.java

@@ -363,6 +363,10 @@ public class Constants extends CoreLibConstants {
 
     public static final String LDAP_SECURITY_PRINCIPAL = "ldap.security.principal";
 
+    public static final String LDAP_ADMIN_SECURITY_PRINCIPAL = "ldap.admin.security.principal";
+
+    public static final String LDAP_ADMIN_SECURITY_CREDENTIALS = "ldap.admin.security.credentials";
+
     public static final String LDAP_PROVIDER_URL = "ldap.provider.url";
 
     public static final String LDAP_SECURITY_AUTHENTICATION = "ldap.security.authentication";
@@ -396,4 +400,6 @@ public class Constants extends CoreLibConstants {
     public static final String GSA_API_VERSION = "3.2";
 
     public static final String PERMISSIONS = "permissions";
+
+    public static final String CIPHER_PREFIX = "{cipher}";
 }

src/main/java/org/codelibs/fess/app/web/admin/general/AdminGeneralAction.java

@@ -45,6 +45,8 @@ import org.slf4j.LoggerFactory;
  */
 public class AdminGeneralAction extends FessAdminAction {
 
+    private static final String DUMMY_PASSWORD = "**********";
+
     private static final Logger logger = LoggerFactory.getLogger(AdminGeneralAction.class);
 
     // ===================================================================================
@@ -144,6 +146,10 @@ public class AdminGeneralAction extends FessAdminAction {
         fessConfig.setPurgeSuggestSearchLogDay(form.purgeSuggestSearchLogDay);
         fessConfig.setLdapProviderUrl(form.ldapProviderUrl);
         fessConfig.setLdapSecurityPrincipal(form.ldapSecurityPrincipal);
+        fessConfig.setLdapAdminSecurityPrincipal(form.ldapAdminSecurityPrincipal);
+        if (form.ldapAdminSecurityCredentials != null && StringUtil.isNotBlank(form.ldapAdminSecurityCredentials.replace("*", " "))) {
+            fessConfig.setLdapAdminSecurityCredentials(form.ldapAdminSecurityCredentials);
+        }
         fessConfig.setLdapBaseDn(form.ldapBaseDn);
         fessConfig.setLdapAccountFilter(form.ldapAccountFilter);
         fessConfig.setNotificationLogin(form.notificationLogin);
@@ -182,6 +188,8 @@ public class AdminGeneralAction extends FessAdminAction {
         form.purgeSuggestSearchLogDay = fessConfig.getPurgeSuggestSearchLogDay();
         form.ldapProviderUrl = fessConfig.getLdapProviderUrl();
         form.ldapSecurityPrincipal = fessConfig.getLdapSecurityPrincipal();
+        form.ldapAdminSecurityPrincipal = fessConfig.getLdapAdminSecurityPrincipal();
+        form.ldapAdminSecurityCredentials = DUMMY_PASSWORD;//fessConfig.getLdapAdminSecurityCredentials();
         form.ldapBaseDn = fessConfig.getLdapBaseDn();
         form.ldapAccountFilter = fessConfig.getLdapAccountFilter();
         form.notificationLogin = fessConfig.getNotificationLogin();

src/main/java/org/codelibs/fess/app/web/admin/general/EditForm.java

@@ -127,6 +127,12 @@ public class EditForm {
     @Size(max = 1000)
     public String ldapSecurityPrincipal;
 
+    @Size(max = 1000)
+    public String ldapAdminSecurityPrincipal;
+
+    @Size(max = 1000)
+    public String ldapAdminSecurityCredentials;
+
     @Size(max = 1000)
     public String ldapBaseDn;
 

src/main/java/org/codelibs/fess/ds/impl/GitBucketDataStoreImpl.java

@@ -94,12 +94,21 @@ public class GitBucketDataStoreImpl extends AbstractDataStoreImpl {
                 final String owner = (String) repository.get("owner");
                 final List<String> roleList = createRoleList(owner, repository);
 
-                collectFileNames(rootURL, authToken, owner, name, StringUtil.EMPTY, 0, readInterval, path -> {
-                    storeFileContent(rootURL, authToken, owner, name, roleList, path, crawlingConfig, callback, paramMap, scriptMap, defaultDataMap);
-                    if (readInterval > 0) {
-                        sleep(readInterval);
-                    }
-                });
+                collectFileNames(
+                        rootURL,
+                        authToken,
+                        owner,
+                        name,
+                        StringUtil.EMPTY,
+                        0,
+                        readInterval,
+                        path -> {
+                            storeFileContent(rootURL, authToken, owner, name, roleList, path, crawlingConfig, callback, paramMap,
+                                    scriptMap, defaultDataMap);
+                            if (readInterval > 0) {
+                                sleep(readInterval);
+                            }
+                        });
             } catch (final Exception e) {
                 logger.warn("Failed to access to " + repository, e);
             }

src/main/java/org/codelibs/fess/es/config/exentity/CrawlingConfigWrapper.java

@@ -1,3 +1,18 @@
+/*
+ * Copyright 2012-2016 CodeLibs Project and the Others.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
 package org.codelibs.fess.es.config.exentity;
 
 import java.util.Map;

src/main/java/org/codelibs/fess/ldap/LdapManager.java

@@ -75,8 +75,8 @@ public class LdapManager {
     protected Hashtable<String, String> createAdminEnv() {
         final FessConfig fessConfig = ComponentUtil.getFessConfig();
         return createEnvironment(//
-                fessConfig.getLdapAdminInitialContextFactory(), //
-                fessConfig.getLdapAdminSecurityAuthentication(), fessConfig.getLdapAdminProviderUrl(), //
+                fessConfig.getLdapInitialContextFactory(), //
+                fessConfig.getLdapSecurityAuthentication(), fessConfig.getLdapProviderUrl(), //
                 fessConfig.getLdapAdminSecurityPrincipal(), //
                 fessConfig.getLdapAdminSecurityCredentials());
     }
@@ -93,8 +93,8 @@ public class LdapManager {
     protected Hashtable<String, String> createSearchEnv() {
         final FessConfig fessConfig = ComponentUtil.getFessConfig();
         return createEnvironment(//
-                fessConfig.getLdapAdminInitialContextFactory(), //
-                fessConfig.getLdapAdminSecurityAuthentication(), fessConfig.getLdapAdminProviderUrl(), //
+                fessConfig.getLdapInitialContextFactory(), //
+                fessConfig.getLdapSecurityAuthentication(), fessConfig.getLdapProviderUrl(), //
                 fessConfig.getLdapAdminSecurityPrincipal(), //
                 fessConfig.getLdapAdminSecurityCredentials());
     }

src/main/java/org/codelibs/fess/mylasta/action/FessLabels.java

@@ -443,9 +443,15 @@ public class FessLabels extends UserMessages {
     /** The key of the message: LDAP URL */
     public static final String LABELS_LDAP_PROVIDER_URL = "{labels.ldapProviderUrl}";
 
-    /** The key of the message: Bind DN */
+    /** The key of the message: User DN */
     public static final String LABELS_LDAP_SECURITY_PRINCIPAL = "{labels.ldapSecurityPrincipal}";
 
+    /** The key of the message: Bind DN */
+    public static final String LABELS_LDAP_ADMIN_SECURITY_PRINCIPAL = "{labels.ldapAdminSecurityPrincipal}";
+
+    /** The key of the message: Password */
+    public static final String LABELS_LDAP_ADMIN_SECURITY_CREDENTIALS = "{labels.ldapAdminSecurityCredentials}";
+
     /** The key of the message: Base DN */
     public static final String LABELS_LDAP_BASE_DN = "{labels.ldapBaseDn}";
 
@@ -2328,9 +2334,15 @@ public class FessLabels extends UserMessages {
     /** The key of the message: LDAP URL */
     public static final String LABELS_ldap_provider_url = "{labels.ldap_provider_url}";
 
-    /** The key of the message: Bind DN */
+    /** The key of the message: User DN */
     public static final String LABELS_ldap_security_principal = "{labels.ldap_security_principal}";
 
+    /** The key of the message: Bind DN */
+    public static final String LABELS_ldap_admin_security_principal = "{labels.ldap_admin_security_principal}";
+
+    /** The key of the message: Password */
+    public static final String LABELS_ldap_admin_security_credentials = "{labels.ldap_admin_security_credentials}";
+
     /** The key of the message: Base DN */
     public static final String LABELS_ldap_base_dn = "{labels.ldap_base_dn}";
 

src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java

@@ -34,7 +34,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
     /** The key of the configuration. e.g. aes */
     String APP_CIPHER_ALGORISM = "app.cipher.algorism";
 
-    /** The key of the configuration. e.g. __change_me__ */
+    /** The key of the configuration. e.g. ___change__me___ */
     String APP_CIPHER_KEY = "app.cipher.key";
 
     /** The key of the configuration. e.g. sha256 */
@@ -835,21 +835,6 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
     /** The key of the configuration. e.g. false */
     String LDAP_ADMIN_ENABLED = "ldap.admin.enabled";
 
-    /** The key of the configuration. e.g. com.sun.jndi.ldap.LdapCtxFactory */
-    String LDAP_ADMIN_INITIAL_CONTEXT_FACTORY = "ldap.admin.initial.context.factory";
-
-    /** The key of the configuration. e.g. simple */
-    String LDAP_ADMIN_SECURITY_AUTHENTICATION = "ldap.admin.security.authentication";
-
-    /** The key of the configuration. e.g. ldap://localhost:1389 */
-    String LDAP_ADMIN_PROVIDER_URL = "ldap.admin.provider.url";
-
-    /** The key of the configuration. e.g. cn=Directory Manager */
-    String LDAP_ADMIN_SECURITY_PRINCIPAL = "ldap.admin.security.principal";
-
-    /** The key of the configuration. e.g. password */
-    String LDAP_ADMIN_SECURITY_CREDENTIALS = "ldap.admin.security.credentials";
-
     /** The key of the configuration. e.g. uid=%s */
     String LDAP_ADMIN_USER_FILTER = "ldap.admin.user.filter";
 
@@ -1115,7 +1100,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
 
     /**
      * Get the value for the key 'app.cipher.key'. <br>
-     * The value is, e.g. __change_me__ <br>
+     * The value is, e.g. ___change__me___ <br>
      * @return The value of found property. (NotNull: if not found, exception but basically no way)
      */
     String getAppCipherKey();
@@ -3716,41 +3701,6 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
      */
     boolean isLdapAdminEnabled();
 
-    /**
-     * Get the value for the key 'ldap.admin.initial.context.factory'. <br>
-     * The value is, e.g. com.sun.jndi.ldap.LdapCtxFactory <br>
-     * @return The value of found property. (NotNull: if not found, exception but basically no way)
-     */
-    String getLdapAdminInitialContextFactory();
-
-    /**
-     * Get the value for the key 'ldap.admin.security.authentication'. <br>
-     * The value is, e.g. simple <br>
-     * @return The value of found property. (NotNull: if not found, exception but basically no way)
-     */
-    String getLdapAdminSecurityAuthentication();
-
-    /**
-     * Get the value for the key 'ldap.admin.provider.url'. <br>
-     * The value is, e.g. ldap://localhost:1389 <br>
-     * @return The value of found property. (NotNull: if not found, exception but basically no way)
-     */
-    String getLdapAdminProviderUrl();
-
-    /**
-     * Get the value for the key 'ldap.admin.security.principal'. <br>
-     * The value is, e.g. cn=Directory Manager <br>
-     * @return The value of found property. (NotNull: if not found, exception but basically no way)
-     */
-    String getLdapAdminSecurityPrincipal();
-
-    /**
-     * Get the value for the key 'ldap.admin.security.credentials'. <br>
-     * The value is, e.g. password <br>
-     * @return The value of found property. (NotNull: if not found, exception but basically no way)
-     */
-    String getLdapAdminSecurityCredentials();
-
     /**
      * Get the value for the key 'ldap.admin.user.filter'. <br>
      * The value is, e.g. uid=%s <br>
@@ -5737,26 +5687,6 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
             return is(FessConfig.LDAP_ADMIN_ENABLED);
         }
 
-        public String getLdapAdminInitialContextFactory() {
-            return get(FessConfig.LDAP_ADMIN_INITIAL_CONTEXT_FACTORY);
-        }
-
-        public String getLdapAdminSecurityAuthentication() {
-            return get(FessConfig.LDAP_ADMIN_SECURITY_AUTHENTICATION);
-        }
-
-        public String getLdapAdminProviderUrl() {
-            return get(FessConfig.LDAP_ADMIN_PROVIDER_URL);
-        }
-
-        public String getLdapAdminSecurityPrincipal() {
-            return get(FessConfig.LDAP_ADMIN_SECURITY_PRINCIPAL);
-        }
-
-        public String getLdapAdminSecurityCredentials() {
-            return get(FessConfig.LDAP_ADMIN_SECURITY_CREDENTIALS);
-        }
-
         public String getLdapAdminUserFilter() {
             return get(FessConfig.LDAP_ADMIN_USER_FILTER);
         }

src/main/java/org/codelibs/fess/mylasta/direction/FessProp.java

@@ -492,6 +492,27 @@ public interface FessProp {
         return getSystemProperty(Constants.LDAP_SECURITY_PRINCIPAL);
     }
 
+    public default void setLdapAdminSecurityPrincipal(final String value) {
+        setSystemProperty(Constants.LDAP_ADMIN_SECURITY_PRINCIPAL, value);
+    }
+
+    public default String getLdapAdminSecurityPrincipal() {
+        return getSystemProperty(Constants.LDAP_ADMIN_SECURITY_PRINCIPAL);
+    }
+
+    public default void setLdapAdminSecurityCredentials(final String value) {
+        setSystemProperty(Constants.LDAP_ADMIN_SECURITY_CREDENTIALS,
+                Constants.CIPHER_PREFIX + ComponentUtil.getPrimaryCipher().encrypt(value));
+    }
+
+    public default String getLdapAdminSecurityCredentials() {
+        final String value = getSystemProperty(Constants.LDAP_ADMIN_SECURITY_CREDENTIALS);
+        if (StringUtil.isNotBlank(value) && value.startsWith(Constants.CIPHER_PREFIX)) {
+            return ComponentUtil.getPrimaryCipher().decrypt(value.substring(Constants.CIPHER_PREFIX.length()));
+        }
+        return value;
+    }
+
     public default void setLdapBaseDn(final String value) {
         setSystemProperty(Constants.LDAP_BASE_DN, value);
     }

src/main/java/org/codelibs/fess/util/ComponentUtil.java

@@ -62,6 +62,7 @@ import org.codelibs.fess.mylasta.direction.FessConfig;
 import org.codelibs.fess.sso.SsoManager;
 import org.codelibs.fess.thumbnail.ThumbnailManager;
 import org.lastaflute.core.message.MessageManager;
+import org.lastaflute.core.security.PrimaryCipher;
 import org.lastaflute.di.core.SingletonLaContainer;
 import org.lastaflute.di.core.factory.SingletonLaContainerFactory;
 import org.lastaflute.di.core.smart.hot.HotdeployUtil;
@@ -376,6 +377,10 @@ public final class ComponentUtil {
         return getComponent(THUMBNAIL_MANAGER);
     }
 
+    public static PrimaryCipher getPrimaryCipher() {
+        return getComponent(PrimaryCipher.class);
+    }
+
     public static CrawlerClientFactory getCrawlerClientFactory() {
         return getComponent(CrawlerClientFactory.class);
     }

src/main/resources/fess_config.properties

@@ -14,7 +14,7 @@ elasticsearch.http.url=http://localhost:9201
 
 # Cryptographer
 app.cipher.algorism=aes
-app.cipher.key=__change_me__
+app.cipher.key=___change__me___
 app.digest.algorism=sha256
 
 # JVM options
@@ -434,11 +434,6 @@ suggest.search.log.permissions={user}guest,{role}guest
 #                                                     ------
 
 ldap.admin.enabled=false
-ldap.admin.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory
-ldap.admin.security.authentication=simple
-ldap.admin.provider.url=ldap\://localhost\:1389
-ldap.admin.security.principal=cn\=Directory Manager
-ldap.admin.security.credentials=password
 ldap.admin.user.filter=uid\=%s
 ldap.admin.user.base.dn=ou\=People,dc\=fess,dc\=codelibs,dc\=org
 ldap.admin.user.object.classes=organizationalPerson,top,person,inetOrgPerson

src/main/resources/fess_label.properties

@@ -137,7 +137,9 @@ labels.searchParams=Search Parameters
 labels.fields=Fields
 labels.ex_q=Extended Query
 labels.ldapProviderUrl=LDAP URL
-labels.ldapSecurityPrincipal=Bind DN
+labels.ldapSecurityPrincipal=User DN
+labels.ldapAdminSecurityPrincipal=Bind DN
+labels.ldapAdminSecurityCredentials=Password
 labels.ldapBaseDn=Base DN
 labels.ldapAccountFilter=Account Filter
 labels.oldPassword=Current Password
@@ -766,7 +768,9 @@ labels.general_menu_suggest=Suggest
 labels.general_menu_ldap=LDAP
 labels.general_menu_notification=Notification
 labels.ldap_provider_url=LDAP URL
-labels.ldap_security_principal=Bind DN
+labels.ldap_security_principal=User DN
+labels.ldap_admin_security_principal=Bind DN
+labels.ldap_admin_security_credentials=Password
 labels.ldap_base_dn=Base DN
 labels.ldap_account_filter=Account Filter
 labels.notification_login=Login page

src/main/resources/fess_label_en.properties

@@ -137,7 +137,9 @@ labels.searchParams=Search Parameters
 labels.fields=Fields
 labels.ex_q=Extended Query
 labels.ldapProviderUrl=LDAP URL
-labels.ldapSecurityPrincipal=Bind DN
+labels.ldapSecurityPrincipal=User DN
+labels.ldapAdminSecurityPrincipal=Bind DN
+labels.ldapAdminSecurityCredentials=Password
 labels.ldapBaseDn=Base DN
 labels.ldapAccountFilter=Account Filter
 labels.oldPassword=Current Password
@@ -766,7 +768,9 @@ labels.general_menu_suggest=Suggest
 labels.general_menu_ldap=LDAP
 labels.general_menu_notification=Notification
 labels.ldap_provider_url=LDAP URL
-labels.ldap_security_principal=Bind DN
+labels.ldap_security_principal=User DN
+labels.ldap_admin_security_principal=Bind DN
+labels.ldap_admin_security_credentials=Password
 labels.ldap_base_dn=Base DN
 labels.ldap_account_filter=Account Filter
 labels.notification_login=Login page

src/main/resources/fess_label_ja.properties

@@ -764,10 +764,14 @@ labels.general_menu_suggest=\u30b5\u30b8\u30a7\u30b9\u30c8
 labels.general_menu_ldap=LDAP
 labels.general_menu_notification=\u304a\u77e5\u3089\u305b\u8868\u793a
 labels.ldapProviderUrl=LDAP URL
-labels.ldapSecurityPrincipal=Bind DN
+labels.ldapSecurityPrincipal=User DN
+labels.ldapAdminSecurityPrincipal=Bind DN
+labels.ldapAdminSecurityCredentials=\u30d1\u30b9\u30ef\u30fc\u30c9
 labels.ldapBaseDn=Base DN
 labels.ldap_provider_url=LDAP URL
-labels.ldap_security_principal=Bind DN
+labels.ldap_security_principal=User DN
+labels.ldap_admin_security_principal=Bind DN
+labels.ldap_admin_security_credentials=\u30d1\u30b9\u30ef\u30fc\u30c9
 labels.ldap_base_dn=Base DN
 labels.ldapAccountFilter=\u30a2\u30ab\u30a6\u30f3\u30c8\u30d5\u30a3\u30eb\u30bf
 labels.ldap_account_filter=\u30a2\u30ab\u30a6\u30f3\u30c8\u30d5\u30a3\u30eb\u30bf

src/main/resources/fess_label_ko.properties

@@ -743,10 +743,14 @@ labels.general_menu_suggest = \uc11c\uc81c\uc2a4\ud2b8
 labels.general_menu_ldap = LDAP
 labels.general_menu_notification = \ud45c\uc2dc\ub4f1
 labels.ldapProviderUrl = LDAP URL
-labels.ldapSecurityPrincipal = Bind DN
+labels.ldapSecurityPrincipal=User DN
+labels.ldapAdminSecurityPrincipal=Bind DN
+labels.ldapAdminSecurityCredentials=Password
 labels.ldapBaseDn = Base DN
 labels.ldap_provider_url = LDAP URL
-labels.ldap_security_principal = Bind DN
+labels.ldap_security_principal=User DN
+labels.ldap_admin_security_principal=Bind DN
+labels.ldap_admin_security_credentials=Password
 labels.ldap_base_dn = Base DN
 labels.ldapAccountFilter = \uacc4\uc815 \ud544\ud130
 labels.ldap_account_filter = \uacc4\uc815 \ud544\ud130

src/main/resources/fess_label_ru.properties

@@ -136,7 +136,9 @@ labels.searchParams=\u041f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043
 labels.fields=\u041f\u043e\u043b\u044f
 labels.ex_q=\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441
 labels.ldapProviderUrl=LDAP URL
-labels.ldapSecurityPrincipal=\u041f\u0440\u0438\u0432\u044f\u0437\u0430\u0442\u044c DN
+labels.ldapSecurityPrincipal=User DN
+labels.ldapAdminSecurityPrincipal=\u041f\u0440\u0438\u0432\u044f\u0437\u0430\u0442\u044c DN
+labels.ldapAdminSecurityCredentials=Password
 labels.ldapBaseDn=\u0411\u0430\u0437\u043e\u0432\u044b\u0439 DN
 labels.ldapAccountFilter=\u0424\u0438\u043b\u044c\u0442\u0440 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430
 labels.oldPassword=\u0422\u0435\u043a\u0443\u0449\u0438\u0439 \u043f\u0430\u0440\u043e\u043b\u044c
@@ -754,7 +756,9 @@ labels.general_menu_suggest=Suggest
 labels.general_menu_ldap=LDAP
 labels.general_menu_notification=\u0423\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0435
 labels.ldap_provider_url=LDAP URL
-labels.ldap_security_principal=Bind DN
+labels.ldap_security_principal=User DN
+labels.ldap_admin_security_principal=Bind DN
+labels.ldap_admin_security_credentials=Password
 labels.ldap_base_dn=Base DN
 labels.ldap_account_filter=Account Filter
 labels.notification_login=\u0421\u0442\u0440\u0430\u043d\u0438\u0446\u0430 \u0432\u0445\u043e\u0434\u0430

src/main/webapp/WEB-INF/view/admin/general/admin_general.jsp

@@ -332,23 +332,43 @@
 												styleClass="form-control" />
 										</div>
 									</div>
+									<div class="form-group">
+										<label for="ldapBaseDn"
+											class="col-sm-3 control-label"><la:message
+												key="labels.ldap_base_dn" /></label>
+										<div class="col-sm-9">
+											<la:errors property="ldapBaseDn" />
+											<la:text property="ldapBaseDn"
+												styleClass="form-control" />
+										</div>
+									</div>
 									<div class="form-group">
 										<label for="ldapSecurityPrincipal"
 											class="col-sm-3 control-label"><la:message
-												key="labels.ldap_security_principal" /></label>
+												key="labels.ldap_admin_security_principal" /></label>
 										<div class="col-sm-9">
-											<la:errors property="ldapSecurityPrincipal" />
-											<la:text property="ldapSecurityPrincipal"
+											<la:errors property="ldapAdminSecurityPrincipal" />
+											<la:text property="ldapAdminSecurityPrincipal"
 												styleClass="form-control" />
 										</div>
 									</div>
 									<div class="form-group">
-										<label for="ldapBaseDn"
+										<label for="ldapSecurityPrincipal"
 											class="col-sm-3 control-label"><la:message
-												key="labels.ldap_base_dn" /></label>
+												key="labels.ldap_admin_security_credentials" /></label>
 										<div class="col-sm-9">
-											<la:errors property="ldapBaseDn" />
-											<la:text property="ldapBaseDn"
+											<la:errors property="ldapAdminSecurityCredentials" />
+											<la:password property="ldapAdminSecurityCredentials"
+												styleClass="form-control" />
+										</div>
+									</div>
+									<div class="form-group">
+										<label for="ldapSecurityPrincipal"
+											class="col-sm-3 control-label"><la:message
+												key="labels.ldap_security_principal" /></label>
+										<div class="col-sm-9">
+											<la:errors property="ldapSecurityPrincipal" />
+											<la:text property="ldapSecurityPrincipal"
 												styleClass="form-control" />
 										</div>
 									</div>