Hi, I've added this thread to the wiki documentation:
http://appfuse.org/display/APF/LDAP+Authentication Cheers! El 23/06/2009, a las 18:46, Prabeshb escribió: > > Thanks Tomas, > It works well. I guess you should put this info in the wiki soon :-) > > Good job. > > Regards, > Prabesh Bhaskaran. > > > Tomas Reverter wrote: >> >> >> Prabeshb wrote: >>> >>> Hi, >>> I was trying to integrate the LDAP with the appfuse code. I have the JSF >>> archtype project and was trying to add the LDAP. I tired the tutorial >>> which is under the location >>> http://appfuse.org/display/APF/LDAP+Authentication but that does not >>> seems to be working. The document is based on the acegi security and >>> appfuse 1.9. Is there any document/tutorial for appfuse 2.0 and spring >>> security? >>> >>> Please share if there is any information regarding the LDAP integration >>> with Appfuse2.0 >>> >>> Looking forward for an early reply. >>> >>> Regards, >>> Prabesh >>> >>> >> >> Hi, >> >> Last week I configured Spring Security to connect to LDAP server. >> Basically 2 parts: configure dependencies and security.xml. >> >> In your pom.xml, add the dependencies: >> <dependencies> >> ... >> <dependency> >> <groupId>org.springframework.ldap</groupId> >> <artifactId>spring-ldap-core</artifactId> >> <version>${spring.ldap.version}</version> >> </dependency> >> <dependency> >> <groupId>org.springframework.ldap</groupId> >> <artifactId>spring-ldap-core-tiger</artifactId> >> <version>${spring.ldap.version}</version> >> </dependency> >> ... >> </dependencies> >> The steps in the security.xml file are: >> * Turn off the default password encoder >> >> <!-- >> <authentication-provider user-service-ref="userDao"> >> <password-encoder ref="passwordEncoder"/> >> </authentication-provider> >> --> >> >> * Configure the ldap server >> >> <ldap-server id="ldapServer" >> url="ldap://localhost:389/dc=example,dc=com"; >> manager-dn="cn=Manager,dc=example,dc=com" manager-password="pass"/> >> >> If you don't specify the manager-dn and manager-password the connection >> will be anonymous. >> >> * Configure the binding procedure (how ldap will do the autentication) and >> the populate procedure (how ldap will do the autorization, with this >> configuration you need to have a cn property in the LDAP to map the >> correct roles inside the application). >> >> <beans:bean id="userSearch" >> >> class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> >> <beans:constructor-arg index="0" value=""/> >> <beans:constructor-arg index="1" value="(uid={0})"/> >> <beans:constructor-arg index="2" ref="ldapServer" /> >> </beans:bean> >> >> <beans:bean id="ldapAuthenticationProvider" >> >> class="org.springframework.security.providers.ldap.LdapAuthenticationProvider" >> autowire="default"> >> <custom-authentication-provider/> >> <beans:constructor-arg> >> <beans:bean >> class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> >> <beans:constructor-arg ref="ldapServer"/> >> <beans:property name="userDnPatterns"> >> >> <beans:list><beans:value>uid={0},ou=People</beans:value></beans:list> >> </beans:property> >> <beans:property name="userSearch" ref="userSearch"/> >> </beans:bean> >> </beans:constructor-arg> >> <beans:constructor-arg> >> <beans:bean >> class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator"> >> <beans:constructor-arg ref="ldapServer"/> >> <beans:constructor-arg value="ou=People"/> >> <beans:property name="groupRoleAttribute" value="cn"/> >> <!-- <beans:property name="groupSearchFilter" >> value="(objectClass=*)"/> --> >> </beans:bean> >> </beans:constructor-arg> >> </beans:bean> >> >> You can create your custom Populator, in case of you want to have the >> mapping logic about what role have one user. >> >> And that's all! >> >> And one recommendation, you can configure the log4j.xml file to see what's >> happening in the spring security environment: >> >> <logger name="org.springframework.security"> >> <level value="DEBUG"/> >> </logger> >> >> <logger name="org.springframework.ldap"> >> <level value="DEBUG"/> >> </logger> >> >> I want to write this, and some other brief tutorials, on the AppFuse >> wiki... Soon :-) >> >> Regards, >> > > -- > View this message in context: > http://www.nabble.com/LDAP-integration-with-Appfuse2.0-tp24075028s2369p24167432.html > Sent from the AppFuse - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net > For additional commands, e-mail: users-h...@appfuse.dev.java.net > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net For additional commands, e-mail: users-h...@appfuse.dev.java.net
