use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project gravitee-management-rest-api by gravitee-io.
the class LdapAuthenticationProviderConfigurer method build.
/**
 * Assembles the LDAP authentication provider from this configurer's settings.
 *
 * <p>The provider is a {@code LdapAuthenticationProviderProxy} wired with the authenticator
 * created for the context source and with the configured authorities populator. Authorities
 * are mapped through a {@link SimpleAuthorityMapper} that uses {@code rolePrefix}. A custom
 * {@code userDetailsContextMapper} is installed only when one has been set.
 *
 * @return the fully wired provider
 * @throws Exception propagated from the collaborators used during assembly
 */
private LdapAuthenticationProvider build() throws Exception {
    BaseLdapPathContextSource ldapContext = getContextSource();

    // Arguments are evaluated left to right: authenticator first, then the populator.
    LdapAuthenticationProvider provider = new LdapAuthenticationProviderProxy(
            createLdapAuthenticator(ldapContext),
            getLdapAuthoritiesPopulator());

    // NOTE(review): rolePrefix decides the names of the authorities this provider grants;
    // presumably it has to match the prefix the application's access rules expect — confirm.
    SimpleAuthorityMapper authorityMapper = new SimpleAuthorityMapper();
    authorityMapper.setPrefix(rolePrefix);
    authorityMapper.afterPropertiesSet();
    provider.setAuthoritiesMapper(authorityMapper);

    // With no mapper configured, the provider keeps whatever mapper it was constructed with.
    if (userDetailsContextMapper != null) {
        provider.setUserDetailsContextMapper(userDetailsContextMapper);
    }

    return provider;
}
use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project gravitee-management-rest-api by gravitee-io.
the class LdapAuthenticationProviderConfigurer method configure.
/**
 * Builds the LDAP authentication provider, passes it through {@code postProcess}, and
 * registers the result on the given builder.
 *
 * @param builder the builder that receives the authentication provider
 * @throws Exception if building or post-processing the provider fails
 */
@Override
public void configure(B builder) throws Exception {
    builder.authenticationProvider(postProcess(build()));
}
use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project atlas by apache.
the class AtlasLdapAuthenticationProvider method getLdapAuthentication.
/**
 * Attempts an LDAP bind authentication for the supplied token.
 *
 * <p>A bind authenticator is built from {@code ldapURL} and the {@code ;}-separated
 * {@code ldapUserDNPattern}. When both a group search base and a group search filter are
 * configured, a group-based authorities populator is added. The credentials are handed to the
 * LDAP provider only when both user name and password are non-blank.
 *
 * <p>This method never throws. Any exception is logged and the current value of
 * {@code authentication} is returned, so the result is not guaranteed to be authenticated.
 * NOTE(review): callers presumably check {@code isAuthenticated()} on the result — confirm.
 *
 * @param authentication the incoming token carrying user name and credentials
 * @return the provider's result on success (optionally enriched from UGI), otherwise the token
 *         as it stood when processing stopped
 */
private Authentication getLdapAuthentication(Authentication authentication) {
    if (isDebugEnabled) {
        LOG.debug("==> AtlasLdapAuthenticationProvider getLdapAuthentication");
    }

    try {
        // Pull the submitted identity; a missing credentials object becomes an empty password.
        final String userName = authentication.getName();
        final String userPassword = authentication.getCredentials() != null
                ? authentication.getCredentials().toString()
                : "";

        // NOTE(review): a simple bind sends the password to ldapURL; confirm deployments
        // point this at an ldaps:// endpoint or otherwise protect the connection.
        LdapContextSource contextSource = new DefaultSpringSecurityContextSource(ldapURL);
        contextSource.setCacheEnvironmentProperties(false);
        contextSource.setAnonymousReadOnly(true);

        // One DN pattern per ';'-separated entry of the configured pattern string.
        BindAuthenticator binder = new BindAuthenticator(contextSource);
        binder.setUserDnPatterns(ldapUserDNPattern.split(";"));

        // Group lookup is wired in only when both the search base and the filter are set.
        final boolean groupSearchConfigured =
                !(StringUtils.isEmpty(ldapGroupSearchBase) || StringUtils.isEmpty(ldapGroupSearchFilter));

        final LdapAuthenticationProvider ldapProvider;
        if (groupSearchConfigured) {
            DefaultLdapAuthoritiesPopulator groupPopulator =
                    new DefaultLdapAuthoritiesPopulator(contextSource, ldapGroupSearchBase);
            groupPopulator.setGroupRoleAttribute(ldapGroupRoleAttribute);
            groupPopulator.setGroupSearchFilter(ldapGroupSearchFilter);
            groupPopulator.setIgnorePartialResultException(true);
            ldapProvider = new LdapAuthenticationProvider(binder, groupPopulator);
        } else {
            ldapProvider = new LdapAuthenticationProvider(binder);
        }

        // Blank user names or passwords never reach the bind. This matters because an LDAP
        // simple bind with a DN and an empty password is an "unauthenticated bind", which
        // some directories accept.
        final boolean credentialsMissing = userName == null
                || userPassword == null
                || userName.trim().isEmpty()
                || userPassword.trim().isEmpty();
        if (credentialsMissing) {
            return authentication;
        }

        final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
        final UserDetails principal = new User(userName, userPassword, grantedAuths);
        final Authentication bindRequest =
                new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);

        // The parameter is deliberately reassigned. If the UGI step below throws, the value
        // returned after the catch block is the LDAP provider's result, not the original token.
        authentication = ldapProvider.authenticate(bindRequest);
        if (groupsFromUGI) {
            authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
        }
        return authentication;
    } catch (Exception e) {
        // Failures are logged and absorbed; control falls through to the final return.
        LOG.error("getLdapAuthentication LDAP Authentication Failed:", e);
    }

    // Reached only after an exception: both normal paths return from inside the try block.
    if (isDebugEnabled) {
        LOG.debug("<== AtlasLdapAuthenticationProvider getLdapAuthentication");
    }
    return authentication;
}
use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project hub-alert by blackducksoftware.
the class AuthenticationActionsTestIT method testAuthenticationLDAPExceptionIT.
/**
 * Exercises the login path when LDAP is enabled but the LDAP manager throws an
 * {@code AlertConfigurationException} while supplying its provider. The test asserts that the
 * response is an error and that the database provider was asked to authenticate.
 *
 * NOTE(review): the database stub returns an authentication whose {@code isAuthenticated()}
 * is {@code true}, yet the response is asserted to be an error. The step that rejects the
 * login is not visible in this method — confirm it is the intended one.
 */
@Test
public void testAuthenticationLDAPExceptionIT() throws Exception {
    HttpServletRequest request = new MockHttpServletRequest();
    HttpServletResponse response = new MockHttpServletResponse();

    // Shared stub result: reports itself as authenticated.
    Authentication authenticatedStub = Mockito.mock(Authentication.class);
    Mockito.when(authenticatedStub.isAuthenticated()).thenReturn(true);

    // This provider mock is stubbed but never handed to any collaborator below;
    // the LDAP manager throws before a provider could be obtained.
    LdapAuthenticationProvider unusedLdapProvider = Mockito.mock(LdapAuthenticationProvider.class);
    Mockito.when(unusedLdapProvider.authenticate(Mockito.any(Authentication.class))).thenReturn(authenticatedStub);

    // LDAP is switched on, but asking for its provider fails with a configuration error.
    LdapManager failingLdapManager = Mockito.mock(LdapManager.class);
    Mockito.when(failingLdapManager.isLdapEnabled()).thenReturn(true);
    Mockito.when(failingLdapManager.getAuthenticationProvider())
            .thenThrow(new AlertConfigurationException("LDAP CONFIG EXCEPTION"));

    DaoAuthenticationProvider daoProvider = Mockito.mock(DaoAuthenticationProvider.class);
    Mockito.when(daoProvider.authenticate(Mockito.any(Authentication.class))).thenReturn(authenticatedStub);

    AuthenticationEventManager eventManager = Mockito.mock(AuthenticationEventManager.class);
    Mockito.doNothing().when(eventManager).sendAuthenticationEvent(Mockito.any(), Mockito.eq(AuthenticationType.LDAP));
    RoleAccessor roles = Mockito.mock(RoleAccessor.class);

    // The LDAP performer is listed ahead of the database performer.
    AlertDatabaseAuthenticationPerformer databasePerformer =
            new AlertDatabaseAuthenticationPerformer(eventManager, roles, daoProvider);
    LdapAuthenticationPerformer ldapPerformer =
            new LdapAuthenticationPerformer(eventManager, roles, failingLdapManager);
    AlertAuthenticationProvider alertProvider =
            new AlertAuthenticationProvider(List.of(ldapPerformer, databasePerformer));
    AuthenticationActions actions = new AuthenticationActions(alertProvider, csrfTokenRepository);

    ActionResponse<Void> loginResult =
            actions.authenticateUser(request, response, mockLoginRestModel.createRestModel());

    assertTrue(loginResult.isError());
    Mockito.verify(daoProvider).authenticate(Mockito.any(Authentication.class));
}
use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project hub-alert by blackducksoftware.
the class LdapAuthenticationPerformer method authenticateWithProvider.
/**
 * Runs the pending authentication through the LDAP provider when LDAP is enabled and a
 * provider is available.
 *
 * <p>The pending authentication is returned unchanged when LDAP is disabled, when the manager
 * supplies no provider, or when anything throws. Every exception, including one raised by the
 * provider's {@code authenticate} call, is logged at error level and absorbed. The result is
 * therefore not guaranteed to be authenticated.
 * NOTE(review): callers presumably check {@code isAuthenticated()} — confirm.
 *
 * @param pendingAuthentication the token to authenticate
 * @return the provider's result, or {@code pendingAuthentication} if LDAP did not produce one
 */
@Override
public Authentication authenticateWithProvider(Authentication pendingAuthentication) {
    logger.info("Checking ldap based authentication...");

    if (!ldapManager.isLdapEnabled()) {
        logger.info("LDAP authentication disabled");
        return pendingAuthentication;
    }

    logger.info("LDAP authentication enabled");
    try {
        Optional<LdapAuthenticationProvider> configuredProvider = ldapManager.getAuthenticationProvider();
        if (!configuredProvider.isPresent()) {
            return pendingAuthentication;
        }
        // Whatever the provider returns is passed back as-is.
        return configuredProvider.get().authenticate(pendingAuthentication);
    } catch (AlertConfigurationException configurationError) {
        logger.error("LDAP Configuration error", configurationError);
    } catch (Exception authenticationError) {
        logger.error("LDAP Authentication error", authenticationError);
    }

    // Failure path: hand back the untouched input token.
    return pendingAuthentication;
}