Examples with DefaultSpringSecurityContextSource org.springframework.security.ldap.DefaultSpringSecurityContextSource used on opensource projects

Search in sources :

Example 21 with DefaultSpringSecurityContextSource

use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project atlas by apache.

the class AtlasLdapAuthenticationProvider method getLdapContextSource.

private LdapContextSource getLdapContextSource() throws Exception {
    LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(ldapURL);
    ldapContextSource.setUserDn(ldapBindDN);
    ldapContextSource.setPassword(ldapBindPassword);
    ldapContextSource.setReferral(ldapReferral);
    ldapContextSource.setCacheEnvironmentProperties(false);
    ldapContextSource.setAnonymousReadOnly(false);
    ldapContextSource.setPooled(true);
    ldapContextSource.afterPropertiesSet();
    return ldapContextSource;
}
Also used : DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource)

Example 22 with DefaultSpringSecurityContextSource

use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project ranger by apache.

the class RangerAuthenticationProvider method getLdapAuthentication.

private Authentication getLdapAuthentication(Authentication authentication) {
    try {
        // getting ldap settings
        String rangerLdapURL = PropertiesUtil.getProperty("ranger.ldap.url", "");
        String rangerLdapUserDNPattern = PropertiesUtil.getProperty("ranger.ldap.user.dnpattern", "");
        String rangerLdapGroupSearchBase = PropertiesUtil.getProperty("ranger.ldap.group.searchbase", "");
        String rangerLdapGroupSearchFilter = PropertiesUtil.getProperty("ranger.ldap.group.searchfilter", "");
        String rangerLdapGroupRoleAttribute = PropertiesUtil.getProperty("ranger.ldap.group.roleattribute", "");
        String rangerLdapDefaultRole = PropertiesUtil.getProperty("ranger.ldap.default.role", "ROLE_USER");
        boolean rangerIsStartTlsEnabled = Boolean.valueOf(PropertiesUtil.getProperty("ranger.ldap.starttls", "false"));
        // taking the user-name and password from the authentication
        // object.
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
        // populating LDAP context source with LDAP URL and user-DN-pattern
        LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(rangerLdapURL);
        if (rangerIsStartTlsEnabled) {
            ldapContextSource.setPooled(false);
            ldapContextSource.setAuthenticationStrategy(new DefaultTlsDirContextAuthenticationStrategy());
        }
        ldapContextSource.setCacheEnvironmentProperties(false);
        ldapContextSource.setAnonymousReadOnly(true);
        // Creating BindAuthenticator using Ldap Context Source.
        BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
        // String[] userDnPatterns = new String[] { rangerLdapUserDNPattern };
        String[] userDnPatterns = rangerLdapUserDNPattern.split(";");
        bindAuthenticator.setUserDnPatterns(userDnPatterns);
        LdapAuthenticationProvider ldapAuthenticationProvider = null;
        if (!StringUtil.isEmpty(rangerLdapGroupSearchBase) && !StringUtil.isEmpty(rangerLdapGroupSearchFilter)) {
            // Creating LDAP authorities populator using Ldap context source and
            // Ldap group search base.
            // populating LDAP authorities populator with group search
            // base,group role attribute, group search filter.
            DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(ldapContextSource, rangerLdapGroupSearchBase);
            defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(rangerLdapGroupRoleAttribute);
            defaultLdapAuthoritiesPopulator.setGroupSearchFilter(rangerLdapGroupSearchFilter);
            defaultLdapAuthoritiesPopulator.setIgnorePartialResultException(true);
            // Creating Ldap authentication provider using BindAuthenticator and Ldap authentication populator
            ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, defaultLdapAuthoritiesPopulator);
        } else {
            ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
        }
        // getting user authenticated
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = new ArrayList<>();
            grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
            authentication = getAuthenticationWithGrantedAuthority(authentication);
            return authentication;
        } else {
            return authentication;
        }
    } catch (Exception e) {
        logger.debug("LDAP Authentication Failed:", e);
    }
    return authentication;
}
Also used : BindAuthenticator(org.springframework.security.ldap.authentication.BindAuthenticator) DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) User(org.springframework.security.core.userdetails.User) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource) DefaultLdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) AuthenticationException(org.springframework.security.core.AuthenticationException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication) DefaultTlsDirContextAuthenticationStrategy(org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy) ActiveDirectoryLdapAuthenticationProvider(org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider) LdapAuthenticationProvider(org.springframework.security.ldap.authentication.LdapAuthenticationProvider)

Example 23 with DefaultSpringSecurityContextSource

use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project ranger by apache.

the class RangerAuthenticationProvider method getADBindAuthentication.

private Authentication getADBindAuthentication(Authentication authentication) {
    try {
        String rangerADURL = PropertiesUtil.getProperty("ranger.ldap.ad.url", "");
        String rangerLdapADBase = PropertiesUtil.getProperty("ranger.ldap.ad.base.dn", "");
        String rangerADBindDN = PropertiesUtil.getProperty("ranger.ldap.ad.bind.dn", "");
        String rangerADBindPassword = PropertiesUtil.getProperty("ranger.ldap.ad.bind.password", "");
        String rangerLdapDefaultRole = PropertiesUtil.getProperty("ranger.ldap.default.role", "ROLE_USER");
        String rangerLdapReferral = PropertiesUtil.getProperty("ranger.ldap.ad.referral", "follow");
        String rangerLdapUserSearchFilter = PropertiesUtil.getProperty("ranger.ldap.ad.user.searchfilter", "(sAMAccountName={0})");
        boolean rangerIsStartTlsEnabled = Boolean.valueOf(PropertiesUtil.getProperty("ranger.ldap.starttls", "false"));
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
        LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(rangerADURL);
        ldapContextSource.setUserDn(rangerADBindDN);
        ldapContextSource.setPassword(rangerADBindPassword);
        ldapContextSource.setReferral(rangerLdapReferral);
        ldapContextSource.setCacheEnvironmentProperties(true);
        ldapContextSource.setAnonymousReadOnly(false);
        ldapContextSource.setPooled(true);
        if (rangerIsStartTlsEnabled) {
            ldapContextSource.setPooled(false);
            ldapContextSource.setAuthenticationStrategy(new DefaultTlsDirContextAuthenticationStrategy());
        }
        ldapContextSource.afterPropertiesSet();
        // String searchFilter="(sAMAccountName={0})";
        if (rangerLdapUserSearchFilter == null || rangerLdapUserSearchFilter.trim().isEmpty()) {
            rangerLdapUserSearchFilter = "(sAMAccountName={0})";
        }
        FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(rangerLdapADBase, rangerLdapUserSearchFilter, ldapContextSource);
        userSearch.setSearchSubtree(true);
        BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
        bindAuthenticator.setUserSearch(userSearch);
        bindAuthenticator.afterPropertiesSet();
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = new ArrayList<>();
            grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
            authentication = getAuthenticationWithGrantedAuthority(authentication);
            return authentication;
        } else {
            return authentication;
        }
    } catch (Exception e) {
        logger.debug("AD Authentication Failed:", e);
    }
    return authentication;
}
Also used : BindAuthenticator(org.springframework.security.ldap.authentication.BindAuthenticator) DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) User(org.springframework.security.core.userdetails.User) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) AuthenticationException(org.springframework.security.core.AuthenticationException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) DefaultTlsDirContextAuthenticationStrategy(org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy) ActiveDirectoryLdapAuthenticationProvider(org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider) LdapAuthenticationProvider(org.springframework.security.ldap.authentication.LdapAuthenticationProvider)

Example 24 with DefaultSpringSecurityContextSource

use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project modesti by jlsalmon.

the class WebSecurityConfig method anonymousContextSource.

@Bean
public LdapContextSource anonymousContextSource() {
    DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(env.getRequiredProperty("ldap.anon.url"));
    contextSource.setBase(env.getRequiredProperty("ldap.base"));
    contextSource.setAnonymousReadOnly(true);
    return contextSource;
}
Also used : DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) Bean(org.springframework.context.annotation.Bean)

Example 25 with DefaultSpringSecurityContextSource

use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project modesti by jlsalmon.

the class WebSecurityConfig method contextSource.

@Bean
public LdapContextSource contextSource() {
    DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(env.getRequiredProperty("ldap.auth.url"));
    contextSource.setBase(env.getRequiredProperty("ldap.base"));
    return contextSource;
}
Also used : DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) Bean(org.springframework.context.annotation.Bean)

Aggregations

DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource)31 LdapContextSource (org.springframework.ldap.core.support.LdapContextSource)12 BindAuthenticator (org.springframework.security.ldap.authentication.BindAuthenticator)11 LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider)10 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)9 Authentication (org.springframework.security.core.Authentication)9 GrantedAuthority (org.springframework.security.core.GrantedAuthority)9 UserDetails (org.springframework.security.core.userdetails.UserDetails)9 FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch)8 Test (org.junit.jupiter.api.Test)7 DefaultLdapAuthoritiesPopulator (org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator)7 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)6 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)6 ArrayList (java.util.ArrayList)5 AuthenticationException (org.springframework.security.core.AuthenticationException)5 User (org.springframework.security.core.userdetails.User)5 ActiveDirectoryLdapAuthenticationProvider (org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider)5 User (org.apache.atlas.web.model.User)4 DefaultTlsDirContextAuthenticationStrategy (org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy)4 Bean (org.springframework.context.annotation.Bean)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial