I may be just failing to understand how to configure the security.xml file. I do not seem to be authenticating against LDAP at all. I realize that this is more of a spring question, but how do you specify that you want to use LDAP instead of jdbc? I'm currently not even attempting to authenticate over LDAP - it's still hitting the database for authentication.
In the security.xml file are two entries that I guess I don't fully understand. <authentication-manager alias='authenticationManagerAlias'/> <authentication-provider user-service-ref="rollerUserService"/> I read some documentation on Spring-security 2.0, (http://static.springsource.org/spring-security/site/docs/2.0.x/reference/ldap.html), but I'm afraid I don't understand why I am failing to authenticate via ldap. I thought I could modify the authentication manager to specify the ldapAuthProvider in the example security.xml file, but that didn't seem to work. Here's what I tried. I commented out <!-- <authentication-manager alias='authenticationManagerAlias'/> --> and added <beans:bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager" name="authenticationManagerAlias"> <beans:property name="providers"> <beans:list> <beans:ref local="ldapAuthProvider"/> <beans:ref local="openIDAuthProvider"/> </beans:list> </beans:property> </beans:bean> I also tried at one point adding in things like this: (like in the example documentation) <ldap-server url="ldap://springframework.org:389/dc=springframework,dc=org"; /> but there wasn't any change and so I took those out. Before this week I hadn't done anything with spring, so I apologize if this is a newbie question. I imagine (based on the roller dev archives) that this will be a fairly popular question after the 5.0 release. Well, thanks in advance for any help you can offer. On Tue, Feb 2, 2010 at 1:35 PM, Dave <[email protected]> wrote: > Yes to both questions. Externalized User Management is in trunk and I > can help you get started with it by answering your questions (but as > you've seen I can't guarantee quick response ;-) > > - Dave
