How to do LDAP authentication and database Authorization in Spring security?

Question

I'm new to Spring, so this question may look like so obvious.

I'm trying to implement Spring security and my requirement is to authenticate the user name/password against a LDAP server and once the user is authenticated, I need to retrieve the user roles from a relational database.

is it possible to do this in Spring security?

Answer 1

Yes.

The build-in ldap authentication manager splits the authentication and authorisation of a user into 2 parts You can configure a LDAP based authentiication manager like below.

<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
    <property name="providers">
        <list>
            <ref local="ldapAuthenticationProvider"/>
        </list>
    </property> 
</bean>

The authentication provider is configured like this.

<bean id="ldapAuthenticationProvider" class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
    <constructor-arg><ref local="authenticator"/></constructor-arg>
    <constructor-arg><ref local="populator"/></constructor-arg>
    <property name="userCache"><ref local="userCache"/></property>
</bean>

I don't know if there's a built-in populator that will do what you want, but you can develop your own one if required.