LDAP integration with Appfuse2.0

View: New views
3 Messages — Rating Filter:   Alert me  

LDAP integration with Appfuse2.0

by Prabeshb

Hi,
 I was trying to integrate LDAP with the AppFuse code. I have the JSF archetype project and was trying to add LDAP. I tried the tutorial at http://appfuse.org/display/APF/LDAP+Authentication but that does not seem to be working. The document is based on Acegi Security and AppFuse 1.9. Is there any document/tutorial for AppFuse 2.0 and Spring Security?

Please share if there is any information regarding LDAP integration with AppFuse 2.0.

Looking forward to an early reply.

Regards,
Prabesh
Regards,
Prabesh Bhaskaran.
[http://bprabesh.blogspot.com]

Re: LDAP integration with Appfuse2.0

by Tomas Reverter

Hi,

Last week I configured Spring Security to connect to an LDAP server. Basically there are 2 parts: configure the dependencies and security.xml.

In your pom.xml, add the dependencies:

    <dependencies>
        ...
        <dependency>
            <groupId>org.springframework.ldap</groupId>
            <artifactId>spring-ldap-core</artifactId>
            <version>${spring.ldap.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.ldap</groupId>
            <artifactId>spring-ldap-core-tiger</artifactId>
            <version>${spring.ldap.version}</version>
        </dependency>
        ...
    </dependencies>

The steps in the security.xml file are:

* Turn off the default password encoder

    <!--
    <authentication-provider user-service-ref="userDao">
        <password-encoder ref="passwordEncoder"/>
    </authentication-provider>
    -->

* Configure the ldap server

    <ldap-server id="ldapServer" url="ldap://localhost:389/dc=example,dc=com" manager-dn="cn=Manager,dc=example,dc=com" manager-password="pass"/>

If you don't specify the manager-dn and manager-password the connection will be anonymous.

* Configure the binding procedure (how LDAP will do the authentication) and the populate procedure (how LDAP will do the authorization; with this configuration you need to have a cn property in LDAP to map the correct roles inside the application).

    <!-- Arguments: search base ("" = the base DN of ldapServer), search filter, context source -->
    <beans:bean id="userSearch"
                class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <beans:constructor-arg index="0" value=""/>
        <beans:constructor-arg index="1" value="(uid={0})"/>
        <beans:constructor-arg index="2" ref="ldapServer"/>
    </beans:bean>

    <beans:bean id="ldapAuthenticationProvider"
                class="org.springframework.security.providers.ldap.LdapAuthenticationProvider" autowire="default">
        <custom-authentication-provider/>
        <!-- Authentication: bind as the user, trying the DN patterns first and then userSearch -->
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
                <beans:constructor-arg ref="ldapServer"/>
                <beans:property name="userDnPatterns">
                    <beans:list><beans:value>uid={0},ou=People</beans:value></beans:list>
                </beans:property>
                <beans:property name="userSearch" ref="userSearch"/>
            </beans:bean>
        </beans:constructor-arg>
        <!-- Authorization: role names come from the cn attribute of the entries found under ou=People -->
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
                <beans:constructor-arg ref="ldapServer"/>
                <beans:constructor-arg value="ou=People"/>
                <beans:property name="groupRoleAttribute" value="cn"/>
                <!-- <beans:property name="groupSearchFilter" value="(objectClass=*)"/> -->
            </beans:bean>
        </beans:constructor-arg>
    </beans:bean>

You can create your custom Populator in case you want to have your own mapping logic for which roles a user has.

And that's all!

And one recommendation: you can configure the log4j.xml file to see what's happening in the Spring Security environment:

    <logger name="org.springframework.security">
        <level value="DEBUG"/>
    </logger>
   
    <logger name="org.springframework.ldap">
        <level value="DEBUG"/>
    </logger>

I want to write this, and some other brief tutorials, on the AppFuse wiki... Soon

Regards,

Tomàs Reverter Morelló
tomas.reverter (at) urv.cat
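
An added example, not part of the original post or of AppFuse: the "Configure the ldap server" step from the reply above, with the posted setting shown beside a variant that takes the URL and manager credentials from a properties file, so the password is not stored in security.xml and the connection can use ldaps://. The file name ldap.properties, the property keys, the service-account DN and the host name are assumptions made for this example.

```xml
<!-- security.xml fragment. Default namespace = Spring Security, beans: = Spring beans,
     as in the post above. File name and property keys are hypothetical. -->

<!-- As posted: cleartext LDAP, manager password stored in the config file.
<ldap-server id="ldapServer" url="ldap://localhost:389/dc=example,dc=com"
             manager-dn="cn=Manager,dc=example,dc=com" manager-password="pass"/>
-->

<!-- Load the LDAP settings from a file that is kept out of version control and is
     readable only by the application account. If the application already declares a
     PropertyPlaceholderConfigurer, add this file to its locations instead of
     declaring a second configurer. -->
<beans:bean id="ldapProperties"
            class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
    <beans:property name="location" value="classpath:ldap.properties"/>
</beans:bean>

<!-- Same bean id as the ldap-server element, so userSearch, BindAuthenticator and the
     authorities populator keep their ref="ldapServer" unchanged. With an ldaps:// URL
     the JVM must trust the directory server's certificate. -->
<beans:bean id="ldapServer"
            class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <beans:constructor-arg value="${ldap.url}"/>
    <beans:property name="userDn" value="${ldap.manager.dn}"/>
    <beans:property name="password" value="${ldap.manager.password}"/>
</beans:bean>

<!-- ldap.properties (constructed sample values; a read-only service account is
     enough for user and group searches):
     ldap.url=ldaps://ldap.example.com:636/dc=example,dc=com
     ldap.manager.dn=cn=appfuse-reader,ou=Services,dc=example,dc=com
     ldap.manager.password=CHANGE_ME
-->
```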

Re: LDAP integration with Appfuse2.0

by Prabeshb

Thanks Tomas,
It works well. I guess you should put this info in the wiki soon.

Good job.

Regards,
Prabesh Bhaskaran.

[http://bprabesh.blogspot.com]