Spring 3, Spring Security, LDAP, How do I add roles to LDAP?

Question

Spring 3, Spring Security, LDAP, How do I add roles to LDAP; I changed my Spring 3 project that is using Spring Secuity to use LDAP from MySQL. The login to check for a user password is working but I cant find out how to add roles to ldap.. can someone please help me with a sample LDIF file;

<beans:bean id="ldapAuthProvider"
    class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
    <beans:constructor-arg>
        <beans:bean
            class="org.springframework.security.ldap.authentication.BindAuthenticator">
            <beans:constructor-arg ref="contextSource" />
            <beans:property name="userDnPatterns">
                <beans:list>
                    <beans:value>uid={0},ou=users</beans:value>
                </beans:list>
            </beans:property>
        </beans:bean>
    </beans:constructor-arg>
    <beans:constructor-arg>
        <beans:bean
            class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
            <beans:constructor-arg ref="contextSource" />
            <beans:constructor-arg value="ou=groups" />
            <beans:property name="groupRoleAttribute" value="ou" />
        </beans:bean>
    </beans:constructor-arg>
</beans:bean>

Below is a sample of my LDIF. How do I make jsmith a admin and guest a user?

dn: uid=jsmith,ou=users,dc=xxx,dc=com
objectClass: inetOrgPerson
uid: jsmith
sn: Smith
givenName: Johnathan
cn: Johnathan Smith
displayName: Johnathan Smith
userPassword: sabrina123

dn: cn=guest,ou=users,dc=xxx,dc=com
objectClass: organizationalPerson
objectClass: person
objectClass: inetOrgPerson
objectClass: top
cn: guest
sn: guest
uid: guest
userPassword: guest

Answer 1

用户目录记录中必须有一些成员值，才能使用DefaultLdapAuthoritiesPopulator进行检索。