Prabeshb wrote:
> 
> Hi, 
>  I was trying to integrate the LDAP with the appfuse code. I have the JSF
> archetype project and was trying to add the LDAP. I tried the tutorial
> which is under the location
> http://appfuse.org/display/APF/LDAP+Authentication but that does not seem
> to be working. The document is based on the acegi security and appfuse
> 1.9. Is there any document/tutorial for appfuse 2.0 and spring security? 
> 
> Please share if there is any information regarding the LDAP integration
> with Appfuse2.0 
> 
> Looking forward to an early reply. 
> 
> Regards, 
> Prabesh
> 
> 

Hi,

Last week I configured Spring Security to connect to an LDAP server. Basically
there are 2 parts: configuring the dependencies and security.xml.

In your pom.xml, add the dependencies:

    <dependencies>
    ...
        <dependency>
            <groupId>org.springframework.ldap</groupId>
            <artifactId>spring-ldap-core</artifactId>
            <version>${spring.ldap.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.ldap</groupId>
            <artifactId>spring-ldap-core-tiger</artifactId>
            <version>${spring.ldap.version}</version>
        </dependency>
    ...
    </dependencies>

The steps in the security.xml file are:

* Turn off the default password encoder

<!-- 
    <authentication-provider user-service-ref="userDao">
        <password-encoder ref="passwordEncoder"/>
    </authentication-provider>
-->

* Configure the ldap server 

    <ldap-server id="ldapServer"
                 url="ldap://localhost:389/dc=example,dc=com"
                 manager-dn="cn=Manager,dc=example,dc=com"
                 manager-password="pass"/>

If you don't specify the manager-dn and manager-password the connection will
be anonymous.

* Configure the binding procedure (how ldap will do the authentication) and
the populate procedure (how ldap will do the authorization; with this
configuration you need to have a cn property in the LDAP to map the correct
roles inside the application).

    <!-- Looks up the user entry with the filter (uid={0}) -->
    <beans:bean id="userSearch"
                class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <beans:constructor-arg index="0" value=""/>
        <beans:constructor-arg index="1" value="(uid={0})"/>
        <beans:constructor-arg index="2" ref="ldapServer"/>
    </beans:bean>

    <beans:bean id="ldapAuthenticationProvider"
                class="org.springframework.security.providers.ldap.LdapAuthenticationProvider"
                autowire="default">
        <custom-authentication-provider/>
        <!-- Authentication: bind to the LDAP server as the user -->
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
                <beans:constructor-arg ref="ldapServer"/>
                <beans:property name="userDnPatterns">
                    <beans:list><beans:value>uid={0},ou=People</beans:value></beans:list>
                </beans:property>
                <beans:property name="userSearch" ref="userSearch"/>
            </beans:bean>
        </beans:constructor-arg>
        <!-- Authorization: roles are read from the cn attribute under ou=People -->
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
                <beans:constructor-arg ref="ldapServer"/>
                <beans:constructor-arg value="ou=People"/>
                <beans:property name="groupRoleAttribute" value="cn"/>
                <!-- <beans:property name="groupSearchFilter" value="(objectClass=*)"/> -->
            </beans:bean>
        </beans:constructor-arg>
    </beans:bean>

You can create your custom Populator, in case you want to have the
mapping logic about what roles a user has.

And that's all!

And one recommendation, you can configure the log4j.xml file to see what's
happening in the spring security environment:

    <logger name="org.springframework.security">
        <level value="DEBUG"/>
    </logger>
    
    <logger name="org.springframework.ldap">
        <level value="DEBUG"/>
    </logger>

I want to write this, and some other brief tutorials, on the AppFuse wiki...
Soon :-)

Regards,
-- 
View this message in context: 
http://www.nabble.com/LDAP-integration-with-Appfuse2.0-tp24075028s2369p24164686.html
Sent from the AppFuse - User mailing list archive at Nabble.com.
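
Added example, not part of the original message and not Spring Security code: a Python model of how the populator configuration above turns group entries under ou=People into application roles. The populator defaults it assumes (filter (member={0}), one-level search, upper-casing, "ROLE_" prefix) and the directory entries are assumptions constructed for illustration.

```python
# Python model of the cn-to-role mapping; not Spring Security code.
# Assumed populator defaults: filter (member={0}), one-level search,
# upper-cased attribute value, "ROLE_" prefix.
BASE = "dc=example,dc=com"   # from the ldap-server url in the message
GROUP_BASE = "ou=People"     # second populator constructor-arg
ROLE_ATTR = "cn"             # groupRoleAttribute

# Constructed sample directory entries (not from the message).
ENTRIES = [
    {"dn": "uid=alice,ou=People,dc=example,dc=com", "uid": ["alice"]},
    {"dn": "uid=bob,ou=People,dc=example,dc=com", "uid": ["bob"]},
    {"dn": "cn=admin,ou=People,dc=example,dc=com", "cn": ["admin"],
     "member": ["uid=alice,ou=People,dc=example,dc=com"]},
    {"dn": "cn=user,ou=People,dc=example,dc=com", "cn": ["user"],
     "member": ["UID=Alice, ou=People, dc=example, dc=com"]},
    # One level deeper than GROUP_BASE: a one-level search does not see it.
    {"dn": "cn=audit,ou=Groups,ou=People,dc=example,dc=com", "cn": ["audit"],
     "member": ["uid=alice,ou=People,dc=example,dc=com"]},
]

def norm(dn):
    """Simplified DN normalisation: trim each RDN and lower-case it."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def user_dn(username, pattern="uid={0},ou=People"):
    """Expand the userDnPatterns value; plain sample names, no DN escaping."""
    return pattern.replace("{0}", username) + "," + BASE

def is_direct_child(dn, parent):
    """True when dn sits exactly one level below parent."""
    return norm(dn).split(",")[1:] == norm(parent).split(",")

def roles_for(username, prefix="ROLE_", upper=True):
    """Return the role names granted to username by group membership."""
    target = norm(user_dn(username))
    roles = set()
    for entry in ENTRIES:
        if not is_direct_child(entry["dn"], GROUP_BASE + "," + BASE):
            continue
        if target not in {norm(m) for m in entry.get("member", [])}:
            continue
        for value in entry.get(ROLE_ATTR, []):  # no cn value, no role
            roles.add(prefix + (value.upper() if upper else value))
    return roles

if __name__ == "__main__":
    for name in ("alice", "bob"):
        print(name, sorted(roles_for(name)))
```

A user who binds successfully but is a member of no group entry under ou=People ends up with an empty role set, so the cn values of those entries have to match the role names the application checks.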

