I'm developing an application with Spring Security and Spring LDAP. This is part of my spring-security.xml:
<authentication-manager alias="authenticationManager">
<ldap-authentication-provider
user-search-filter="sAMAccountName={0}"
user-search-base="OU=UK,OU=Domain Objects,dc=test,dc=test1"
group-search-filter="member={0}"
group-search-base="OU=_Groups,OU=UK,OU=Domain Objects,dc=test,dc=test1"
group-role-attribute="cn"
role-prefix="ROLE_">
</ldap-authentication-provider>
</authentication-manager>
<ldap-server url="ldap://host:389/"
manager-dn="managerUser"
manager-password="ManagerPassword" />
Now I need to do some logic on a user attribute. I was wondering if there is a way to get that attribute during the login phase or I need to do a search on LDAP everytime I need that attribute.
Looking online now I'm a bit confused because I found online many ways to get custom attributes: extending the ContextMapper in the DAO or the AbstractContextMapper or extending LdapUserDetailsMapper.
Could you help me to find the correct solution? I think the best way would be to have an object where I can put the attribute I need during the login phase instead of querying the LDAP everytime I need that attribute. Thanks
I'm not sure exactly what you're asking. What I can tell you is that once you're authenticated via LDAP spring security caches the user details so you won't need to make a call to LDAP with every subsequent request.
This means that any subsequent methods called after the user is logged in can get the user details like so:
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
UserDetails ldapUser = (UserDetails) authentication.getPrincipal();
Or if you prefer you can cast it to a custom class you've created as long as you implement UserDetails.
public class MyUser implements UserDetails {
.....
}
Does this help at all?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.