/**
 * Registers LDAP authentication on the supplied builder, with users located by a DN
 * pattern and passwords checked by comparison against the {@code userPassword} attribute.
 *
 * @param auth the builder the LDAP authentication is added to
 * @throws Exception propagated from the configurer calls
 */
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth
        .ldapAuthentication()
            // {0} is the placeholder for the submitted login name.
            .userDnPatterns("uid={0},ou=people")
            .groupSearchBase("ou=groups")
            .contextSource()
                // NOTE(review): ldap:// is unencrypted. Host "localhost" and port 8389 suggest a
                // local or embedded test directory; against a remote directory use ldaps:// or
                // StartTLS so passwords and directory data are not sent in clear text.
                .url("ldap://localhost:8389/dc=springframework,dc=org")
                .and()
            // passwordCompare() checks the submitted password against the directory attribute
            // instead of binding as the user.
            .passwordCompare()
                // NOTE(review): LdapShaPasswordEncoder produces SHA/SSHA digests, a fast hash
                // that is weak for password storage; Spring Security 5+ marks its crypto-package
                // variant deprecated. Prefer bind authentication, or a directory-side scheme
                // with an adaptive hash, for anything beyond a sample.
                .passwordEncoder(new LdapShaPasswordEncoder())
                .passwordAttribute("userPassword");
}
/**
 * Adds LDAP authentication to this {@link AuthenticationManagerBuilder} and hands back the
 * {@link LdapAuthenticationProviderConfigurer} so the caller can customize it.
 *
 * <p>
 * This method <b>does NOT</b> ensure that a {@link UserDetailsService} is available
 * for the {@link #getDefaultUserDetailsService()} method.
 *
 * @return the {@link LdapAuthenticationProviderConfigurer} that was applied, for further
 * customization of the LDAP authentication
 * @throws Exception if an error occurs when adding the LDAP authentication
 */
public LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthentication()
        throws Exception {
    // A fresh configurer per call; apply(...) registers it and returns the same instance.
    LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapConfigurer =
            new LdapAuthenticationProviderConfigurer<>();
    return apply(ldapConfigurer);
}
/**
 * Builds the LDAP authentication provider, passes it through {@code postProcess}, and
 * registers the result on the given builder.
 *
 * @param builder the builder that receives the authentication provider
 * @throws Exception if building the provider fails
 */
@Override
public void configure(B builder) throws Exception {
    builder.authenticationProvider(postProcess(build()));
}
/**
 * Creates the {@link LdapAuthenticator} to use.
 *
 * <p>
 * The authentication strategy depends on {@code passwordEncoder}: when none is set a bind
 * authenticator is created, otherwise a password-compare authenticator. Configuring a
 * password encoder therefore switches the whole mechanism, not just the hash format.
 *
 * @param contextSource the {@link BaseLdapPathContextSource} to use
 * @return the post-processed {@link LdapAuthenticator}
 */
private LdapAuthenticator createLdapAuthenticator(
        BaseLdapPathContextSource contextSource) {
    final AbstractLdapAuthenticator authenticator;
    if (passwordEncoder != null) {
        authenticator = createPasswordCompareAuthenticator(contextSource);
    }
    else {
        authenticator = createBindAuthenticator(contextSource);
    }

    // A user search and DN patterns are both optional; each is applied only when present.
    LdapUserSearch search = createUserSearch();
    if (search != null) {
        authenticator.setUserSearch(search);
    }
    boolean hasDnPatterns = userDnPatterns != null && userDnPatterns.length > 0;
    if (hasDnPatterns) {
        authenticator.setUserDnPatterns(userDnPatterns);
    }
    return postProcess(authenticator);
}
/**
 * Assembles the {@link LdapAuthenticationProvider} from the configured context source,
 * authenticator, authorities populator and authorities mapper.
 *
 * @return the assembled provider
 * @throws Exception if the context source cannot be obtained
 */
private LdapAuthenticationProvider build() throws Exception {
    BaseLdapPathContextSource ldapContext = getContextSource();
    LdapAuthenticator authenticator = createLdapAuthenticator(ldapContext);

    LdapAuthenticationProvider provider = new LdapAuthenticationProvider(
            authenticator, getLdapAuthoritiesPopulator());
    provider.setAuthoritiesMapper(getAuthoritiesMapper());

    // The context mapper is optional; when unset the provider's own default is left in place.
    if (userDetailsContextMapper != null) {
        provider.setUserDetailsContextMapper(userDetailsContextMapper);
    }
    return provider;
}
// Chooses how the user entry is located: a search (base + filter) when no DN pattern is
// configured, otherwise the DN pattern. All values come from per-provider properties
// named "security.providers[<providerIdx>].*".
if (userDNPattern == null || userDNPattern.isEmpty()) {
    // No default is supplied for these two lookups, so getProperty(...) yields null when a
    // property is absent. NOTE(review): confirm startup fails clearly in that case instead of
    // configuring a search with a null filter.
    ldapAuthenticationProviderConfigurer
        .userSearchBase(environment.getProperty("security.providers[" + providerIdx + "].user-search-base"))
        .userSearchFilter(environment.getProperty("security.providers[" + providerIdx + "].user-search-filter"));
} else {
    ldapAuthenticationProviderConfigurer.userDnPatterns(userDNPattern);
    // NOTE(review): the listing appears to omit lines here. The end of the else branch and
    // the receiver of the chain below are not shown.
    // Group lookup falls back to defaults: empty search base, "(uniqueMember={0})", role attribute "cn".
    .groupSearchBase(environment.getProperty("security.providers[" + providerIdx + "].group-search-base", ""))
    .groupSearchFilter(environment.getProperty("security.providers[" + providerIdx + "].group-search-filter", "(uniqueMember={0})"))
    .groupRoleAttribute(environment.getProperty("security.providers[" + providerIdx + "].group-role-attribute", "cn"))
    // Empty prefix: authorities are not given a "ROLE_"-style prefix, so access rules must
    // match the raw names. NOTE(review): verify the rules elsewhere agree.
    .rolePrefix("");
    populator.setRolePrefix("");
    ldapAuthenticationProviderConfigurer.ldapAuthoritiesPopulator(populator).contextSource(contextSource);
    // The context mapper is told which provider index and environment to read from.
    userDetailsContextPropertiesMapper.setAuthenticationProviderId(providerIdx);
    userDetailsContextPropertiesMapper.setEnvironment(environment);
    ldapAuthenticationProviderConfigurer.userDetailsContextMapper(userDetailsContextPropertiesMapper);
// Only the provider URL is logged; the manager DN and password are not.
LOG.debug("Setting up LDAP authentication against {}.", providerUrl);
// Configures LDAP authentication from externally supplied values (their origin is not
// visible in this excerpt).
auth.ldapAuthentication()
    // Both a DN pattern and a search base/filter are supplied for locating the user.
    .userDnPatterns(userDnPatterns)
    .userSearchBase(userSearchBase)
    .userSearchFilter(userSearchFilter)
    .groupRoleAttribute(groupRoleAttribute)
    .groupSearchFilter(groupSearchFilter)
    .groupSearchBase(groupSearchBase)
    .contextSource()
    // NOTE(review): the URL scheme decides whether the manager bind and password data are
    // encrypted in transit. Confirm providerUrl is ldaps:// or that StartTLS is enforced.
    .url(providerUrl)
    // Service-account credentials used for directory searches. NOTE(review): this account
    // needs read access to the password attribute for the comparison below, so keep its
    // rights minimal and its password out of source control.
    .managerDn(providerUserDn)
    .managerPassword(providerPassword)
    .and()
    // Password comparison instead of binding as the user.
    .passwordCompare()
    // NOTE(review): LdapShaPasswordEncoder is SHA/SSHA digest based, which is weak for
    // password storage and deprecated in Spring Security 5+. Prefer bind authentication
    // where the directory allows it.
    .passwordEncoder(new LdapShaPasswordEncoder())
    .passwordAttribute(passwordAttribute);
// NOTE(review): this excerpt starts mid-chain; the receiver of these calls is not shown.
// User details are mapped by a project-specific LdapUserDetailsService built from ldapAppProperties.
.userDetailsContextMapper(new LdapUserDetailsService(ldapAppProperties))
// Empty prefix: authority names are used without a "ROLE_"-style prefix.
.rolePrefix("")
.userDnPatterns(ldapAppProperties.getUserDnPattern())
.groupRoleAttribute(ldapAppProperties.getGroupRoleAttribute())
.groupSearchBase(ldapAppProperties.getGroupSearchBase())
.contextSource()
// NOTE(review): transport security depends on the configured URL; confirm ldaps:// or StartTLS.
.url(ldapAppProperties.getUrl())
// Service-account bind credentials; where managerDn and managerDnPassword come from is not visible here.
.managerDn(managerDn)
.managerPassword(managerDnPassword)
.and()
// Password comparison against the configured attribute instead of binding as the user.
.passwordCompare()
// The encoder is instantiated reflectively through its no-argument constructor, so the
// hashing scheme is decided by whatever class encoderClass names.
// NOTE(review): confirm encoderClass is limited to a vetted set of password encoders and
// cannot be set from untrusted configuration.
.passwordEncoder(encoderClass.getDeclaredConstructor().newInstance())
.passwordAttribute(ldapAppProperties.getPasswordAttribute());
/**
 * Registers LDAP authentication with users found by a {@code sAMAccountName} search and
 * groups found by a {@code member} search, all with fixed directory coordinates.
 *
 * @param auth the builder the LDAP authentication is added to
 * @throws Exception propagated from the configurer calls; the optional user-details bean
 * being absent also aborts configuration through {@code orElseThrow}
 */
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth
        .ldapAuthentication()
            // The sAMAccountName attribute suggests an Active Directory style directory; {0} is the login name.
            .userSearchFilter("(sAMAccountName={0})")
            .userSearchBase("OU=Mirante User,DC=miranteinfo,DC=com")
            .rolePrefix("ROLE_")
            .groupSearchBase("OU=GruposGS,DC=miranteinfo,DC=com")
            .groupSearchFilter("(member={0})")
            // Fails fast when the user-details bean is missing, so no half-configured provider is registered.
            .userDetailsContextMapper(peticionamentoUserDetailService.orElseThrow(() ->
                    SingularServerException.rethrow(
                            String.format("Bean %s do tipo %s não pode ser nulo. Para utilizar a configuração de segurança %s é preciso declarar um bean do tipo %s identificado pelo nome %s .",
                                    SingularUserDetailsService.class.getName(),
                                    "SingularUserDetailsService",
                                    SingularMiranteADSpringSecurityConfig.class.getName(),
                                    SingularUserDetailsService.class.getName(),
                                    "SingularUserDetailsService"
                            ))
                    )
            )
            .contextSource()
                // NOTE(review): the service-account DN and password are literals in source, so
                // anyone with repository or artifact access can read them. Load them from
                // external configuration or a secret store, and rotate the exposed account.
                .managerDn("tomcatLogin")
                .managerPassword("jnditomcat")
                .root("DC=miranteinfo,DC=com")
                // NOTE(review): plain ldap:// on port 389. No passwordCompare() is configured, so
                // authentication is presumably by LDAP bind as the located user, which sends the
                // user's password and the manager bind unencrypted. Use ldaps:// or StartTLS.
                .url("ldap://LUA.miranteinfo.com:389/");
}
/**
 * Selects the authentication backend from {@code loginType}: LDAP, or an in-memory demo account.
 *
 * <p>
 * The comparison is made on the upper-cased login type. When it matches neither constant,
 * this method registers nothing on the builder.
 *
 * @param auth the builder to configure
 * @throws Exception propagated from the configurer calls
 */
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    final String normalizedLoginType = loginType.toUpperCase();

    if (ShepherConstants.LOGIN_TYPE_LDAP.equals(normalizedLoginType)) {
        // NOTE(review): transport security depends on ldapUrl (ldap:// vs ldaps://). No
        // passwordCompare() is configured, so users presumably authenticate by bind.
        auth.ldapAuthentication()
                .userDnPatterns("uid={0},ou=people")
                .groupSearchBase("ou=groups")
                .contextSource()
                .url(ldapUrl)
                .managerPassword(ldapPassword)
                .managerDn(ldapDn);
        return;
    }

    if (ShepherConstants.LOGIN_TYPE_DEMO.equals(normalizedLoginType)) {
        // NOTE(review): a single in-memory account from configured values; make sure the
        // demo login type cannot be enabled in a production deployment.
        auth.inMemoryAuthentication()
                .withUser(demoAdminName)
                .password(demoAdminPassword)
                .roles("USER");
    }
}
}
/**
 * Configures LDAP authentication when {@code ldapEnabled} parses to {@code true}, and
 * otherwise two in-memory accounts.
 *
 * @param auth the builder to configure
 * @throws Exception propagated from the configurer calls
 */
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    if (!Boolean.parseBoolean(ldapEnabled)) {
        // NOTE(review): Boolean.parseBoolean is true only for "true" (case-insensitive), so a
        // null, empty or mistyped setting lands here and enables fixed, guessable accounts,
        // one of them with the ADMIN role. Restrict this fallback to development, or fail
        // startup when LDAP is not enabled.
        auth
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("USER")
                .and()
                .withUser("admin").password("admin").roles("ADMIN");
        return;
    }

    // The context-source URL is the concatenation of the server URL(s) and the base DN.
    // NOTE(review): transport security depends on the scheme in ldapUrls; confirm ldaps:// or StartTLS.
    auth
        .ldapAuthentication()
            .contextSource()
                .url(ldapUrls + ldapBaseDn)
                .managerDn(ldapSecurityPrincipal)
                .managerPassword(ldapPrincipalPassword)
                .and()
            .userDnPatterns(ldapUserDnPattern);
}
/**
 * Checks that the configurer reports a {@code SimpleAuthorityMapper} until one is set
 * explicitly, and then reports the mapper that was set.
 */
@Test
public void getAuthoritiesMapper() throws Exception {
    // Default: nothing configured yet.
    assertThat(configurer.getAuthoritiesMapper()).isInstanceOf(SimpleAuthorityMapper.class);
    // An explicitly supplied mapper replaces the default.
    configurer.authoritiesMapper(new NullAuthoritiesMapper());
    assertThat(configurer.getAuthoritiesMapper()).isInstanceOf(NullAuthoritiesMapper.class);
}
}
/**
 * Returns the context source, building it on first use.
 *
 * <p>
 * When a context source is already stored, {@code contextSourceBuilder} is not consulted.
 *
 * @return the stored or newly built context source
 * @throws Exception if the builder fails to create the context source
 */
private BaseLdapPathContextSource getContextSource() throws Exception {
    if (contextSource != null) {
        return contextSource;
    }
    contextSource = contextSourceBuilder.build();
    return contextSource;
}
/**
 * Assembles the {@link LdapAuthenticationProvider} with a group-search authorities
 * populator and a prefixing authority mapper.
 *
 * @return the assembled provider
 * @throws Exception if the context source cannot be obtained or the mapper fails to initialise
 */
private LdapAuthenticationProvider build() throws Exception {
    BaseLdapPathContextSource ldapContext = getContextSource();
    LdapAuthenticator authenticator = createLdapAuthenticator(ldapContext);

    // Authorities come from a group search under groupSearchBase.
    DefaultLdapAuthoritiesPopulator populator =
            new DefaultLdapAuthoritiesPopulator(ldapContext, groupSearchBase);
    populator.setGroupRoleAttribute(groupRoleAttribute);
    populator.setGroupSearchFilter(groupSearchFilter);

    // Every authority is mapped through a SimpleAuthorityMapper carrying rolePrefix.
    SimpleAuthorityMapper prefixMapper = new SimpleAuthorityMapper();
    prefixMapper.setPrefix(rolePrefix);
    prefixMapper.afterPropertiesSet();

    LdapAuthenticationProvider provider =
            new LdapAuthenticationProvider(authenticator, populator);
    provider.setAuthoritiesMapper(prefixMapper);
    if (userDetailsContextMapper != null) {
        provider.setUserDetailsContextMapper(userDetailsContextMapper);
    }
    return provider;
}
// Applies externally supplied LDAP settings (ldapSecurityProperties) to the configurer.
// NOTE(review): both a role prefix and an explicit authorities mapper are set; verify which
// one takes effect, since an explicit mapper may make the prefix unused.
ldapConfigurer.rolePrefix(rolePrefix);
ldapConfigurer.authoritiesMapper(ldapAuthorityMapper);
// Service-account bind for directory searches.
// NOTE(review): transport security depends on the configured URL scheme; confirm ldaps:// or StartTLS.
ldapConfigurer.contextSource().url(ldapSecurityProperties.getUrl().toString())
        .managerDn(ldapSecurityProperties.getManagerDn())
        .managerPassword(ldapSecurityProperties.getManagerPassword());
// Both a DN pattern and a search base/filter are supplied for locating the user.
ldapConfigurer.userDnPatterns(ldapSecurityProperties.getUserDnPattern());
ldapConfigurer.userSearchBase(ldapSecurityProperties.getUserSearchBase())
        .userSearchFilter(ldapSecurityProperties.getUserSearchFilter());
ldapConfigurer.groupSearchBase(ldapSecurityProperties.getGroupSearchBase())
        .groupSearchFilter(ldapSecurityProperties.getGroupSearchFilter())
        .groupRoleAttribute(ldapSecurityProperties.getGroupRoleAttribute());
// A custom authorities populator is installed below; its body is cut off in this excerpt.
// NOTE(review): a custom populator presumably replaces the default group-search populator,
// in which case the group* settings above do not drive authorization. Verify.
ldapConfigurer.ldapAuthoritiesPopulator(new LdapAuthoritiesPopulator() {
    @Override
    public Collection<? extends GrantedAuthority> getGrantedAuthorities(DirContextOperations userData,
/**
 * Creates the {@link LdapAuthenticationProvider} for the current configuration.
 *
 * @return a provider wired with the authenticator, authorities populator, authorities
 * mapper and, when one is set, the user-details context mapper
 * @throws Exception if the context source cannot be obtained
 */
private LdapAuthenticationProvider build() throws Exception {
    LdapAuthenticator authenticator = createLdapAuthenticator(getContextSource());
    LdapAuthoritiesPopulator populator = getLdapAuthoritiesPopulator();

    LdapAuthenticationProvider result =
            new LdapAuthenticationProvider(authenticator, populator);
    result.setAuthoritiesMapper(getAuthoritiesMapper());
    if (userDetailsContextMapper == null) {
        // No custom context mapper configured; nothing further to set.
        return result;
    }
    result.setUserDetailsContextMapper(userDetailsContextMapper);
    return result;
}
/**
 * Provides the LDAP context source, creating it from {@code contextSourceBuilder} the
 * first time it is requested and reusing the stored instance afterwards.
 *
 * @return the context source
 * @throws Exception if the builder cannot create it
 */
private BaseLdapPathContextSource getContextSource() throws Exception {
    boolean alreadyAvailable = contextSource != null;
    if (!alreadyAvailable) {
        contextSource = contextSourceBuilder.build();
    }
    return contextSource;
}
/**
 * Creates the {@link LdapAuthenticator} to use.
 *
 * <p>
 * A bind authenticator is used unless a password encoder has been configured, in which
 * case a password-compare authenticator is used instead.
 *
 * @param contextSource the {@link BaseLdapPathContextSource} to use
 * @return the {@link LdapAuthenticator} to use, after post-processing
 */
private LdapAuthenticator createLdapAuthenticator(
        BaseLdapPathContextSource contextSource) {
    final boolean bindMode = passwordEncoder == null;
    final AbstractLdapAuthenticator result;
    if (bindMode) {
        result = createBindAuthenticator(contextSource);
    }
    else {
        result = createPasswordCompareAuthenticator(contextSource);
    }

    final LdapUserSearch configuredSearch = createUserSearch();
    if (configuredSearch != null) {
        result.setUserSearch(configuredSearch);
    }
    // An empty pattern array is treated the same as no patterns at all.
    if (userDnPatterns != null) {
        if (userDnPatterns.length > 0) {
            result.setUserDnPatterns(userDnPatterns);
        }
    }
    return postProcess(result);
}
/**
 * Wires together the pieces of LDAP authentication into one {@link LdapAuthenticationProvider}.
 *
 * @return the provider, with the authorities mapper set and the user-details context
 * mapper set when one is configured
 * @throws Exception if the context source cannot be obtained
 */
private LdapAuthenticationProvider build() throws Exception {
    final BaseLdapPathContextSource source = getContextSource();
    final LdapAuthenticator ldapAuth = createLdapAuthenticator(source);
    final LdapAuthoritiesPopulator ldapAuthorities = getLdapAuthoritiesPopulator();

    final LdapAuthenticationProvider ldapProvider =
            new LdapAuthenticationProvider(ldapAuth, ldapAuthorities);
    ldapProvider.setAuthoritiesMapper(getAuthoritiesMapper());

    final boolean customMapperConfigured = userDetailsContextMapper != null;
    if (customMapperConfigured) {
        ldapProvider.setUserDetailsContextMapper(userDetailsContextMapper);
    }
    return ldapProvider;
}
/**
 * Registers the LDAP authentication provider on the builder.
 *
 * <p>
 * The provider is built first and passed through {@code postProcess} before it is
 * registered.
 *
 * @param builder the builder to register the provider on
 * @throws Exception if the provider cannot be built
 */
@Override
public void configure(B builder) throws Exception {
    final LdapAuthenticationProvider built = build();
    final LdapAuthenticationProvider processed = postProcess(built);
    builder.authenticationProvider(processed);
}