Example 1 with DefaultSpringSecurityContextSource

Use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project gocd by gocd.

The class LdapContextFactory, method initializeDelegator.

void initializeDelegator() {
    //LdapAuthenticationProvider has checked that LDAP config directoryExists
    SecurityConfig securityConfig = goConfigService.security();
    LdapConfig ldapConfig = securityConfig.ldapConfig();
    if (ldapConfig.isEnabled()) {
        try {
            delegate = new DefaultSpringSecurityContextSource(ldapConfig.uri());
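            // Pass the JVM system properties as the base JNDI environment so the user can define
            // java.naming.referral=follow in server.sh. Every system property is handed to the
            // LDAP context this way, not only the java.naming.* ones.
            delegate.setBaseEnvironmentProperties(System.getProperties());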
            new LdapContextSourceConfigurator(ldapConfig).configure(delegate);
            delegate.afterPropertiesSet();
        } catch (Exception e) {
            throw bomb("Invalid or empty ldap config, Error creating DefaultSpringSecurityContextSource", e);
        }
    }
}
Also used: LdapConfig (com.thoughtworks.go.config.LdapConfig), DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource), SecurityConfig (com.thoughtworks.go.config.SecurityConfig), NamingException (org.springframework.ldap.NamingException)

Example 2 with DefaultSpringSecurityContextSource

Use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project gocd by gocd.

The class ServerConfigServiceIntegrationTest, method shouldUseTheNewPasswordIfItIsChanged.

@Test
public void shouldUseTheNewPasswordIfItIsChanged() {
    LdapConfig ldapConfig = new LdapConfig(LDAP_URL, MANAGER_DN, "changed_password", "encrypted_password", true, new BasesConfig(new BaseConfig(SEARCH_BASE)), SEARCH_FILTER);
    DefaultSpringSecurityContextSource source = serverConfigService.ldapContextSource(ldapConfig);
    assertThat(source.getAuthenticationSource().getCredentials(), is("changed_password"));
}
Also used: DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource), BasesConfig (com.thoughtworks.go.config.server.security.ldap.BasesConfig), BaseConfig (com.thoughtworks.go.config.server.security.ldap.BaseConfig), Test (org.junit.Test)

Example 3 with DefaultSpringSecurityContextSource

Use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project atlas by apache.

The class AtlasADAuthenticationProvider, method getADBindAuthentication.

private Authentication getADBindAuthentication(Authentication authentication) {
    try {
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
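        // Context source bound as the service account (adBindDN); it is used to search for the user's entry.
        LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(adURL);
        ldapContextSource.setUserDn(adBindDN);
        ldapContextSource.setPassword(adBindPassword);
        ldapContextSource.setReferral(adReferral);
        ldapContextSource.setCacheEnvironmentProperties(true);
        // false: read-only operations also authenticate with the bind DN instead of using an anonymous context.
        ldapContextSource.setAnonymousReadOnly(false);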
        ldapContextSource.setPooled(true);
        ldapContextSource.afterPropertiesSet();
        FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(adBase, adUserSearchFilter, ldapContextSource);
        userSearch.setSearchSubtree(true);
        BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
        bindAuthenticator.setUserSearch(userSearch);
        bindAuthenticator.afterPropertiesSet();
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
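        // Reject blank credentials before attempting the bind: an LDAP simple bind with an empty
        // password is treated by many directories as an unauthenticated bind and can succeed.
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {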
            final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
            if (groupsFromUGI) {
                authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
            }
            return authentication;
        } else {
            LOG.error("AD Authentication Failed userName or userPassword is null or empty");
            return null;
        }
    } catch (Exception e) {
        LOG.error("AD Authentication Failed:", e);
        return null;
    }
}
Also used: BindAuthenticator (org.springframework.security.ldap.authentication.BindAuthenticator), DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource), User (org.apache.atlas.web.model.User), LdapContextSource (org.springframework.ldap.core.support.LdapContextSource), GrantedAuthority (org.springframework.security.core.GrantedAuthority), UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken), UserDetails (org.springframework.security.core.userdetails.UserDetails), Authentication (org.springframework.security.core.Authentication), FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch), LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider), ActiveDirectoryLdapAuthenticationProvider (org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider)

Example 4 with DefaultSpringSecurityContextSource

Use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project spring-security by spring-projects.

The class LdapServerBeanDefinitionParserTests, method loadingSpecificLdifFileIsSuccessful.

@Test
public void loadingSpecificLdifFileIsSuccessful() {
    this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath*:test-server2.xldif' root='dc=monkeymachine,dc=co,dc=uk' port='0'/>");
    DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) this.appCtx.getBean(BeanIds.CONTEXT_SOURCE);
    LdapTemplate template = new LdapTemplate(contextSource);
    template.lookup("uid=pg,ou=gorillas");
}
Also used: DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource), LdapTemplate (org.springframework.ldap.core.LdapTemplate), InMemoryXmlApplicationContext (org.springframework.security.config.util.InMemoryXmlApplicationContext), Test (org.junit.jupiter.api.Test)

Example 5 with DefaultSpringSecurityContextSource

Use of org.springframework.security.ldap.DefaultSpringSecurityContextSource in project spring-security by spring-projects.

The class LdapServerBeanDefinitionParserTests, method useOfUrlAttributeCreatesCorrectContextSource.

@Test
public void useOfUrlAttributeCreatesCorrectContextSource() throws Exception {
    int port = getDefaultPort();
    // Create second "server" with a url pointing at embedded one
    this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='" + port + "'/>" + "<ldap-server ldif='classpath:test-server.ldif' id='blah' url='ldap://127.0.0.1:" + port + "/dc=springframework,dc=org' />");
    // Check the default context source is still there.
    this.appCtx.getBean(BeanIds.CONTEXT_SOURCE);
    DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) this.appCtx.getBean("blah");
    // Check data is loaded as before
    LdapTemplate template = new LdapTemplate(contextSource);
    template.lookup("uid=ben,ou=people");
}
Also used: DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource), LdapTemplate (org.springframework.ldap.core.LdapTemplate), InMemoryXmlApplicationContext (org.springframework.security.config.util.InMemoryXmlApplicationContext), Test (org.junit.jupiter.api.Test)

Aggregations

DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource): 31
LdapContextSource (org.springframework.ldap.core.support.LdapContextSource): 12
BindAuthenticator (org.springframework.security.ldap.authentication.BindAuthenticator): 11
LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider): 10
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 9
Authentication (org.springframework.security.core.Authentication): 9
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 9
UserDetails (org.springframework.security.core.userdetails.UserDetails): 9
FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch): 8
Test (org.junit.jupiter.api.Test): 7
DefaultLdapAuthoritiesPopulator (org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator): 7
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException): 6
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 6
ArrayList (java.util.ArrayList): 5
AuthenticationException (org.springframework.security.core.AuthenticationException): 5
User (org.springframework.security.core.userdetails.User): 5
ActiveDirectoryLdapAuthenticationProvider (org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider): 5
User (org.apache.atlas.web.model.User): 4
DefaultTlsDirContextAuthenticationStrategy (org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy): 4
Bean (org.springframework.context.annotation.Bean): 3