Description
Greg Turnquist (Migrated from SEC-2163) said:
Adding support for LdapAuthoritiesPopulator to Spring Active-Directory Authentication provider class.
Attached:
Modified version of - org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider.java
Based on the same original Spring source file, I have performed four code edits:
renamed method: loadUserAuthorities to loadUserAuthoritiesFromMemberOf (line 170)
added method: @Override loadUserAuthorities - for extended functionality (line 138)
added constructor: public ActiveDirectoryLdapAuthenticationProvider(String domain, String url, LdapAuthoritiesPopulator externalAuthoritiesPopulator) (line 110)
added member: private LdapAuthoritiesPopulator externalAuthoritiesPopulator (line 86)
and added one sentence comment at line 34 and author annotation at line 66
The following is a standard code snippet using Spring Security 3.1.3 -
Usage without populator (present) -
<bean id="adAuthenticationProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
<constructor-arg value="${ActiveDirectoryLdap.domain}" />
<constructor-arg value="${ActiveDirectoryLdap.url}" />
</bean>
Usage with populator (proposed) -
<bean id="adAuthenticationProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
<constructor-arg value="${ActiveDirectoryLdap.domain}" />
<constructor-arg value="${ActiveDirectoryLdap.url}" />
<constructor-arg><!-- Optional parameter -->
<bean class="com.yourpackage.jaas.ad.AppAuthoritiesPopulatorImpl">
<property name="appService" >
<bean class="com.yourpackage.service.AppService" >
<property name="userRoleDAO" >
<bean class="com.yourpackage.dao.UserRoleDAO" >
<property name="sessionFactory" ref="sessionFactory" />
</bean>
</property>
</bean>
</property>
</bean>
</constructor-arg>
</bean>
<!-- describing above dependency references -->
<bean id="sessionFactory" class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
<property name="dataSource" ref="dataSource"></property>
...
</bean>
<bean id="dataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="${yourJndi}"></property>
...
</bean>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="adAuthenticationProvider" />
</sec:authentication-manager>
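
An added example, not part of the original report or its attachment: one way the AppAuthoritiesPopulatorImpl bean referenced above could implement Spring Security's LdapAuthoritiesPopulator interface so that a user who authenticates against Active Directory but has no application roles receives no authorities. The RoleLookup interface, the constructor injection, the single-domain username handling and the ROLE_ prefixing are assumptions standing in for the AppService/UserRoleDAO chain in the bean definition.

```java
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Set;

import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

/** Hypothetical populator: resolves application roles from a local store instead of AD groups. */
public class AppAuthoritiesPopulatorImpl implements LdapAuthoritiesPopulator {

    /** Hypothetical lookup; stands in for the AppService/UserRoleDAO beans in the XML. */
    public interface RoleLookup {
        Collection<String> rolesFor(String username);
    }

    private final RoleLookup roleLookup;

    public AppAuthoritiesPopulatorImpl(RoleLookup roleLookup) {
        this.roleLookup = roleLookup;
    }

    @Override
    public Collection<? extends GrantedAuthority> getGrantedAuthorities(
            DirContextOperations userData, String username) {
        // Assumption: one AD domain, so "user" and "user@domain" name the same account.
        // Key the lookup on a single canonical form so both logins map to the same roles.
        String key = username.toLowerCase(Locale.ROOT);
        int at = key.indexOf('@');
        if (at > 0) {
            key = key.substring(0, at);
        }

        Collection<String> roles = roleLookup.rolesFor(key);
        if (roles == null || roles.isEmpty()) {
            // Valid AD credentials but unknown to the application: grant nothing.
            return Collections.<GrantedAuthority>emptySet();
        }

        Set<GrantedAuthority> authorities = new LinkedHashSet<GrantedAuthority>();
        for (String role : roles) {
            if (role == null || role.trim().isEmpty()) {
                continue; // skip blank rows rather than emit an authority named "ROLE_"
            }
            String name = role.trim().toUpperCase(Locale.ROOT);
            authorities.add(new SimpleGrantedAuthority(name.startsWith("ROLE_") ? name : "ROLE_" + name));
        }
        return authorities;
    }
}
```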