@Bean @ConditionalOnProperty(name = "spring.cloud.dataflow.security.authentication.ldap.enabled", havingValue = "true") @ConfigurationProperties(prefix = "spring.cloud.dataflow.security.authentication.ldap") public LdapSecurityProperties ldapSecurityProperties() { return new LdapSecurityProperties(); }
ldapConfigurer.rolePrefix(rolePrefix); if (this.ldapSecurityProperties.getRoleMappings() != null && !this.ldapSecurityProperties.getRoleMappings().isEmpty()) { final LdapAuthorityMapper ldapAuthorityMapper = new LdapAuthorityMapper(ldapSecurityProperties.getRoleMappings()); ldapAuthorityMapper.setRolePrefix(rolePrefix); ldapConfigurer.authoritiesMapper(ldapAuthorityMapper); ldapConfigurer.contextSource().url(ldapSecurityProperties.getUrl().toString()) .managerDn(ldapSecurityProperties.getManagerDn()) .managerPassword(ldapSecurityProperties.getManagerPassword()); if (!StringUtils.isEmpty(ldapSecurityProperties.getUserDnPattern())) { ldapConfigurer.userDnPatterns(ldapSecurityProperties.getUserDnPattern()); if (!StringUtils.isEmpty(ldapSecurityProperties.getUserSearchFilter())) { ldapConfigurer.userSearchBase(ldapSecurityProperties.getUserSearchBase()) .userSearchFilter(ldapSecurityProperties.getUserSearchFilter()); if (!StringUtils.isEmpty(ldapSecurityProperties.getGroupSearchFilter())) { ldapConfigurer.groupSearchBase(ldapSecurityProperties.getGroupSearchBase()) .groupSearchFilter(ldapSecurityProperties.getGroupSearchFilter()) .groupRoleAttribute(ldapSecurityProperties.getGroupRoleAttribute());
@Override public boolean isValid(Object value, ConstraintValidatorContext context) { if (!(value instanceof LdapSecurityProperties)) { throw new IllegalArgumentException("@LdapSecurityPropertiesValid only applies to LdapSecurityProperties"); } final LdapSecurityProperties ldapSecurityProperties = (LdapSecurityProperties) value; if (!ldapSecurityProperties.isEnabled()) { return true; } boolean isValid = true; if (!(StringUtils.isEmpty(ldapSecurityProperties.getUserDnPattern()) ^ StringUtils.isEmpty(ldapSecurityProperties.getUserSearchFilter()))) { context.buildConstraintViolationWithTemplate( "Exactly one of 'userDnPattern' or 'userSearch' must be provided").addConstraintViolation(); isValid = false; } return isValid; }