We have an AppFuse 1.9.3 app that connects to an AD server. Here is the
relevant part of our security.xml file.
Nathan
----
<!-- ========== LDAP START ========= -->
<bean id="initialDirContextFactory"
class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
<constructor-arg
value="ldap://adserver.domain.local:389/dc=domain,dc=local"/>
<property
name="managerDn"><value>cn=admin,cn=users,dc=domain,dc=local</value></property>
<property name="managerPassword"><value>strongPassword</value></property>
</bean>
<bean id="userSearch"
class="org.acegisecurity.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg index="0">
<value>cn=users</value>
</constructor-arg>
<constructor-arg index="1">
<value>(sAMAccountName={0})</value>
</constructor-arg>
<constructor-arg index="2">
<ref local="initialDirContextFactory" />
</constructor-arg>
<property name="searchSubtree">
<value>true</value>
</property>
</bean>
<bean id="ldapAuthProvider"
class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
<constructor-arg>
<bean
class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
<constructor-arg><ref
local="initialDirContextFactory"/></constructor-arg>
<property name="userSearch" ref="userSearch"/>
<!--property
name="userDnPatterns"><list><value>sAMAccountName={0},cn=users</value></list></property-->
</bean>
</constructor-arg>
<constructor-arg>
<bean
class="org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator">
<constructor-arg><ref
local="initialDirContextFactory"/></constructor-arg>
<constructor-arg><value>cn=users</value></constructor-arg>
<property name="groupRoleAttribute"><value>cn</value></property>
</bean>
</constructor-arg>
</bean>
<!-- ========== LDAP END ========= -->
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
