I'm trying to integrate Spring authentication with embedded LDAP.

I have user info in a local LDIF file.

User 1

dn: uid=joe,ou=otherpeople,dc=springframework,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Joe Smeth
sn: Smeth
uid: joe
userPassword: joespassword

User 2

dn: uid=bob,ou=people,dc=springframework,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Bob Hamilton
sn: Hamilton
uid: bob
userPassword: bobspassword

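Spring WebSecurityConfig file

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // Every request requires a fully authenticated user; login is form-based.
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
            .formLogin();
    }

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .ldapAuthentication()
                // {0} is replaced by the login name; the resulting DN is relative to the base in the URL.
                .userDnPatterns("uid={0},ou=people")
                .contextSource()
                    .url("ldap://localhost:8389/dc=springframework,dc=org")
                    .and()
                // Compare the submitted password with the entry's userPassword attribute.
                .passwordCompare()
                    .passwordAttribute("userPassword");
    }
}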

For userDnPatterns in the config file I have taken ou=people (uid={0},ou=people), so I'm able to authenticate bob. When it comes to joe, his directory path is different, so I'm not able to log in using joe's username and password.

What should my Spring configuration be to authenticate all users irrespective of the directory structure?

Comments

  • I think this post answers your question. Commented Dec 16, 2019 at 8:20
  • Yeah, using userSearchFilter I'm able to get all users. Commented Dec 16, 2019 at 10:47
  • Then you can close this post and leave a vote on the other one ;) Commented Dec 16, 2019 at 10:52
  • I'm adding the Spring configuration; if it doesn't add any value then I will close the issue. Commented Dec 16, 2019 at 10:54
  • You can then accept the answer for others to find it more easily. Commented Dec 19, 2019 at 16:17

1 Answer

Authentication for any user in the DIT (Directory information tree) using userSearchFilter.

The Spring configuration is:

auth.ldapAuthentication()
        // Look the user up by uid anywhere under the base DN given in the URL.
        .userSearchFilter("(uid={0})")
        .contextSource()
            .url("ldap://localhost:8389/dc=springframework,dc=org")
            .and()
        .passwordCompare()
            .passwordAttribute("userPassword");

Thanks @EricLavault
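
The difference between the two lookups, as an added example that is not part of the original post and is not Spring Security code: a plain-Java model over the question's two entries. The class and method names, the IllegalStateException used for an ambiguous match, and the duplicate `uid=joe,ou=people` entry are constructed for illustration.

```java
import java.util.*;

/** Added model (not Spring Security code) of DN-pattern vs. search-filter lookup. */
public class LdapLookupModel {
    static final String BASE = "dc=springframework,dc=org";
    // Constructed from the question's LDIF; only dn and uid matter for the lookup.
    static final String LDIF =
        "dn: uid=joe,ou=otherpeople,dc=springframework,dc=org\nuid: joe\n\n" +
        "dn: uid=bob,ou=people,dc=springframework,dc=org\nuid: bob\n";

    /** Parse the LDIF text into a DN -> uid map. */
    static Map<String, String> parse(String ldif) {
        Map<String, String> dit = new LinkedHashMap<>();
        for (String entry : ldif.split("\n\n")) {
            String dn = null, uid = null;
            for (String line : entry.split("\n")) {
                if (line.startsWith("dn: ")) dn = line.substring(4).trim();
                if (line.startsWith("uid: ")) uid = line.substring(5).trim();
            }
            if (dn != null && uid != null) dit.put(dn, uid);
        }
        return dit;
    }

    /** userDnPatterns: build one DN from the login name and look up exactly that entry. */
    static Optional<String> byDnPattern(Map<String, String> dit, String pattern, String login) {
        String dn = pattern.replace("{0}", login) + "," + BASE;
        return dit.containsKey(dn) ? Optional.of(dn) : Optional.empty();
    }

    /** userSearchFilter "(uid={0})": subtree search under searchBase; at most one match allowed. */
    static Optional<String> bySearch(Map<String, String> dit, String searchBase, String login) {
        String suffix = (searchBase.isEmpty() ? "" : "," + searchBase) + "," + BASE;
        List<String> hits = new ArrayList<>();
        for (Map.Entry<String, String> e : dit.entrySet())
            if (e.getKey().endsWith(suffix) && e.getValue().equalsIgnoreCase(login)) hits.add(e.getKey());
        if (hits.size() > 1) throw new IllegalStateException("ambiguous uid: " + hits);
        return hits.stream().findFirst();
    }

    public static void main(String[] args) {
        Map<String, String> dit = parse(LDIF);
        System.out.println(byDnPattern(dit, "uid={0},ou=people", "bob")); // bob sits under ou=people
        System.out.println(byDnPattern(dit, "uid={0},ou=people", "joe")); // joe sits under ou=otherpeople
        System.out.println(bySearch(dit, "", "joe"));                     // search covers every OU under BASE
        dit.put("uid=joe,ou=people," + BASE, "joe");                      // constructed duplicate uid
        try { bySearch(dit, "", "joe"); }                                 // same uid in two OUs
        catch (IllegalStateException ex) { System.out.println(ex.getMessage()); }
        System.out.println(bySearch(dit, "ou=otherpeople", "joe"));       // scoped search base
    }
}
```

Because the filter search spans every OU under the base, a uid that exists in more than one OU can no longer be resolved to a single entry; `userSearchBase` narrows the subtree that is searched.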
