Menu
I am trying to make Spring Security 3.05 to work with a modified UserDetailsContextMapper so that i can get a few more info out of LDAP they way i need to, a task that seems fairly straightforward, but had no success.
I have configured Spring Security to use LDAP authentication with the following beans:
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="ldaps://192.168.1.102:636" />
<property name="userDn" value="manager" />
<property name="password" value="password" />
</bean>
<bean id="ldapAuthProvider"
class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg>
<bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userSearch">
<bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg index="0" value="" />
<constructor-arg index="1" value="(mail={0})" />
<constructor-arg index="2" ref="contextSource" />
</bean>
</property>
</bean>
</constructor-arg>
<property name="userDetailsContextMapper" ref="myContextMapper" />
</bean>
However even though i have defined myContextMapper as:
<bean id="myContextMapper" class="com.mypackage.MyLDAPUserDetailsMapper">
<property name="rolePrefix" value="TEST_PREFIX" />
</bean>
it does not work. meaning that the custom mapper is ignored (i get no debug output whatsoever).
p.s. applicationContext-security.xml can be seen below and apart from the custom UserDetailsMapper that's been ignored, authentication and role assignment is working fine.
<authentication-manager>
<ldap-authentication-provider server-ref="contextSource"/>
</authentication-manager>
465
The ldapAuthentication() method configures things so that the user name at the login form is plugged into {0} such that it searches uid={0},ou=people,dc=springframework,dc=org in the LDAP server. Also, the passwordCompare() method configures the encoder and the name of the password's attribute.
LDAP is often used by organizations as a central repository for user information and as an authentication service. It can also be used to store the role information for application users.
Which authentication is best in Spring boot? You can use custom token based implementation, you can create a custom token that you can store in DB but JWT is a good choice.
You don't need to configure the in-built UserDetailsContextMapper classes. Spring Security automatically picks up the correct UserDetailsContextMapper based on the type of LdapUserDetails class requested, which is configured by user-details-class attribute of ldap-authentication-provider. If you are using your own context mapper then configure it using the attribute user-context-mapper-ref.
119
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
