
LDAP - AD Username Password configuration for context-source

I am using Spring Security to authenticate against Active Directory over LDAP. The following configuration (springSecurity.xml) works well for both authentication and setting up the LDAP template:

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Spring Security + Spring LDAP configuration: form login authenticated against
  Active Directory, followed by a Spring LDAP ContextSource / LdapTemplate for
  directory access after login. All ${sample.ldap.*} values are read from
  classpath:/ldap.properties, which is not shown here.
-->
<beans:beans xmlns="http://www.springframework.org/schema/security"
            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
            xmlns:context="http://www.springframework.org/schema/context"
            xmlns:beans="http://www.springframework.org/schema/beans" 
            xmlns:ldap="http://www.springframework.org/schema/ldap"
            xsi:schemaLocation="
            http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
            http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
            http://www.springframework.org/schema/context 
            http://www.springframework.org/schema/context/spring-context.xsd 
            http://www.springframework.org/schema/ldap 
            http://www.springframework.org/schema/ldap/spring-ldap.xsd">

    <!--
      URL access rules, written as expressions (use-expressions="true").
      NOTE(review): only /login and /authenticated are listed; there is no
      catch-all pattern, so any other URL has no access rule in this file.
      Confirm that is intended.
    -->
    <http use-expressions="true">

        <!-- The login page has to be reachable before the user has a session. -->
        <intercept-url pattern="/login" access="permitAll" />
        <intercept-url pattern="/authenticated" access="isAuthenticated()" />

        <!--
          Form login: the user's directory password is posted to this application.
          NOTE(review): nothing in this file forces HTTPS for /login; confirm that
          transport security is enforced elsewhere (container, proxy, or a
          requires-channel attribute on the intercept-url rules).
        -->
        <form-login login-page="/login" default-target-url="/authenticated"
            authentication-failure-url="/login?error=true" />
        <logout />


    </http>

    <!--
      Resolves ${...} placeholders from ldap.properties.
      NOTE(review): the same file is loaded again, with the same OVERRIDE mode,
      by the context:property-placeholder element further down; one of the two
      looks redundant.
    -->
    <beans:bean
        class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <beans:property name="location">
            <beans:value>classpath:/ldap.properties</beans:value>
        </beans:property>
        <beans:property name="SystemPropertiesMode">
            <beans:value>2</beans:value> <!-- OVERRIDE is 2 -->
        </beans:property>
    </beans:bean>

    <!--
      Authenticates the submitted username and password against Active Directory;
      the constructor arguments are the AD domain and the LDAP URL.
      NOTE(review): the user's password is sent to the directory during this
      check, so sample.ldap.url should be an ldaps:// URL (the value is not
      visible here; confirm).
    -->
    <beans:bean id="adAuthenticationProvider"
        class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
        <beans:constructor-arg value="${sample.ldap.domain}" />
        <beans:constructor-arg value="${sample.ldap.url}" />
        <!-- Use the password from the login request as the credentials of the
             resulting Authentication token. -->
        <beans:property name="useAuthenticationRequestCredentials"
            value="true" />
        <!-- Turn AD sub-error codes (locked, disabled, expired, ...) into specific
             exceptions rather than one generic bad-credentials failure.
             NOTE(review): keep that detail for logs; what the user sees on a
             failed login should stay generic so account state is not disclosed. -->
        <beans:property name="convertSubErrorCodesToExceptions"
            value="true" />
    </beans:bean>


    <!-- Single provider: every login is checked against Active Directory only. -->
    <authentication-manager>
        <authentication-provider ref="adAuthenticationProvider" />
    </authentication-manager>

<!-- Spring LDAP setup used for directory access after authentication -->

    <!-- OVERRIDE: a JVM system property with the same name takes precedence over
         the value in ldap.properties. -->
    <context:property-placeholder location="classpath:/ldap.properties"
        system-properties-mode="OVERRIDE" />
    <context:annotation-config />

    <!--
      Connection used by ldapTemplate and the repositories. It binds with a fixed
      account (sample.ldap.userDn / sample.ldap.password) from the properties
      file, not with the credentials of the logged-in user.
      NOTE(review): this makes ldap.properties a secret; keep it out of version
      control and readable only by the application account.
      NOTE(review): referral="follow" lets the directory redirect lookups to
      other servers; presumably the same bind credentials are presented there,
      so confirm referrals can only lead to trusted domain controllers.
    -->
    <ldap:context-source id="contextSource" 
                        password="${sample.ldap.password}"
                        url="${sample.ldap.url}" 
                        username="${sample.ldap.userDn}" 
                        base="${sample.ldap.base}"
                        referral="follow" />

    <!-- LdapTemplate bound to the context source above. -->
    <ldap:ldap-template id="ldapTemplate"
        context-source-ref="contextSource" />

    <!-- Repository scanning under the com.domain package. -->
    <ldap:repositories base-package="com.domain" />

    <!-- Application service; directoryType is injected from
         sample.ldap.directory.type. -->
    <beans:bean class="com.service.UserService">
        <beans:property name="directoryType" value="${sample.ldap.directory.type}" />
    </beans:bean>

    <!-- Required to make sure BaseLdapName is populated in UserService -->
    <beans:bean
        class="org.springframework.ldap.core.support.BaseLdapPathBeanPostProcessor" />

</beans:beans>

Authentication works fine, taking j_username and j_password from login.jsp. To set up the LDAP template I am currently using the username and password attributes defined in the properties file, but I would like to use the same username and password that Spring Security authenticated with. Please advise how to bind the username and password attributes of ldap:context-source id="contextSource" to the Spring Security credentials.

The code is a little messy; any suggestions for improvement are welcome.

As described in the Configuration chapter of the reference documentation, you can use the Spring Security authentication for the ContextSource by specifying a custom authentication-source-ref on the ContextSource configuration element. In your case you would use SpringSecurityAuthenticationSource, which ships with Spring Security. The ContextSource then binds with the DN and password of the currently authenticated user instead of a fixed account.

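<!--
  ContextSource that takes its bind DN and password from the current Spring
  Security Authentication instead of fixed username/password attributes.
  NOTE(review): Spring Security's authentication manager erases credentials
  after a successful login by default, so this presumably also needs
  erase-credentials="false" on the authentication-manager element; confirm
  against the version in use. The consequence is that each user's directory
  password stays in memory, in the session-held Authentication, for the life
  of the session, so treat session storage and heap dumps as sensitive.
-->
<ldap:context-source id="contextSource"
                    url="${sample.ldap.url}"
                    base="${sample.ldap.base}"
                    referral="follow"
                    authentication-source-ref="authenticationSource"/>

<!-- Declared with the beans: prefix because the default namespace of the
     question's file is the Spring Security schema, not the beans schema. -->
<beans:bean id="authenticationSource"
            class="org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource" />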
