Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Apache Shiro combined with LDAP

Tags:

security

ldap

I integrated Apache Shiro with a dummy user and it works just fine! But this framework has no tutorials online?! It's very hard to get into it as a beginner.

Can somebody help me integrating a ldap integration. I have only found information that it is not that difficult :-/

I started with configuring the realm:

   [main]
    myRealm = org.apache.shiro.realm.ldap.AbstractLdapRealm

But what to do next? How to configure it?

Thank's for any help

like image 279
Sven Avatar asked Aug 06 '10 08:08

Sven

3 Answers

The AbstractLdapRealm is abstract - you can't instantiate it directly or declare it as your realm. You will have to subclass this one and implement the necessary abstract methods.

You won't need to do this upon the next Shiro release - there is currently an issue open (https://issues.apache.org/jira/browse/SHIRO-127) to have a concrete implementation that can be used out of the box so 95% of end-users won't have to subclass the AbstractLdapRealm.

like image 84
Les Hazlewood Avatar answered Sep 28 '22 00:09

Les Hazlewood

This could be of little help. Check for the whole tutorial it covers simple and LDAP authentication. http://www.ibm.com/developerworks/web/library/wa-apacheshiro/

like image 33
Binu Paulmoni Avatar answered Sep 27 '22 23:09

Binu Paulmoni

Here is working example.

active.ini

ldapRealm = org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
ldapRealm.url = ldap://ldapserver:389

Code:

Factory<SecurityManager> ldapFactory = new IniSecurityManagerFactory("classpath:active.ini");
SecurityManager sManager = ldapFactory.getInstance();
SecurityUtils.setSecurityManager(sManager);

Subject currentUser = SecurityUtils.getSubject();

        if (!currentUser.isAuthenticated()) {
            UsernamePasswordToken token = new UsernamePasswordToken("user", "password");
            try {
                currentUser.login(token);
            } catch (UnknownAccountException ex) {
                logger.info("Unknown user");
            } catch (IncorrectCredentialsException ex) {
                logger.info("Incorrect credentials");
            } catch (LockedAccountException ex) {
                logger.info("Account is Locked");
            } catch (AuthenticationException ex) {
                logger.info("Authentication Exception");
            }
        }

        logger.info("User [" + currentUser.getPrincipal() +"] logged succesfully");
        currentUser.logout();
like image 35
YNChumak Avatar answered Sep 27 '22 22:09

YNChumak
Sign in to Comment

Related questions

SecurityException: BC provider not installed
Magento - Using custom Environment Variables for sensitive database info
Encrypt Mongo data in Meteorjs
ASP.Net MVC cookies - tamper resistant?
SSL Certificate: Signature Algorithm shows "sha256rsa" but thumbprint algorithm shows "sha1"
How to secure ajax content
Facebook Javascript SDK security issue?
Security issues I should be aware of with jupyter notebook?
Using innerHTML, and what are security concerns?
Win32: How to use RegisterTypeLib API from standard user
What is the best way to restrict access to a development website?
Sandboxing Java / Groovy / Freemarker Code - Preventing execution of specific methods
Restrict access to .NET assembly?
Secure Python intepreter?
Is there a way to modify a process DACL in C#
Using MS Anti XSS library for sanitizing HTML
Memory randomization as application security enhancement?
Authentication and authorization for RESTfull API (java jersery)
Deploying software on compromised machines
How to design authentication in a thick client, to be fail safe?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!