
Example 31 with LdapAuthenticationProvider

Use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project spring-security by spring-projects.

Class LdapAuthenticationProviderBuilderSecurityBuilderTests, method groupSearchCustom.

@Test
public void groupSearchCustom() {
    this.spring.register(GroupSearchConfig.class).autowire();
    LdapAuthenticationProvider provider = ldapProvider();
    assertThat(ReflectionTestUtils.getField(getAuthoritiesPopulator(provider), "groupSearchFilter")).isEqualTo("ou=groupName");
}
Also used: LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider), Test (org.junit.jupiter.api.Test)

Example 32 with LdapAuthenticationProvider

Use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project spring-security by spring-projects.

Class LdapAuthenticationProviderBuilderSecurityBuilderTests, method groupSubtreeSearchCustom.

@Test
public void groupSubtreeSearchCustom() {
    this.spring.register(GroupSubtreeSearchConfig.class).autowire();
    LdapAuthenticationProvider provider = ldapProvider();
    assertThat(ReflectionTestUtils.getField(getAuthoritiesPopulator(provider), "searchControls")).extracting("searchScope").isEqualTo(SearchControls.SUBTREE_SCOPE);
}
Also used: LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider), Test (org.junit.jupiter.api.Test)

Example 33 with LdapAuthenticationProvider

Use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project spring-security by spring-projects.

Class LdapAuthenticationProviderBuilderSecurityBuilderTests, method defaultConfiguration.

@Test
public void defaultConfiguration() {
    this.spring.register(DefaultLdapConfig.class).autowire();
    LdapAuthenticationProvider provider = ldapProvider();
    LdapAuthoritiesPopulator authoritiesPopulator = getAuthoritiesPopulator(provider);
    assertThat(authoritiesPopulator).hasFieldOrPropertyWithValue("groupRoleAttribute", "cn");
    assertThat(authoritiesPopulator).hasFieldOrPropertyWithValue("groupSearchBase", "");
    assertThat(authoritiesPopulator).hasFieldOrPropertyWithValue("groupSearchFilter", "(uniqueMember={0})");
    assertThat(authoritiesPopulator).extracting("searchControls").hasFieldOrPropertyWithValue("searchScope", SearchControls.ONELEVEL_SCOPE);
    assertThat(ReflectionTestUtils.getField(getAuthoritiesMapper(provider), "prefix")).isEqualTo("ROLE_");
}
Also used: LdapAuthoritiesPopulator (org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator), LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider), Test (org.junit.jupiter.api.Test)

Example 34 with LdapAuthenticationProvider

Use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project midpoint by Evolveum.

Class MidPointLdapAuthenticationProvider, method createAuthenticatorProvider.

private LdapAuthenticationProvider createAuthenticatorProvider(LdapAuthenticator authenticator) {
    return new LdapAuthenticationProvider(authenticator) {

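        // Run the stock LDAP authentication first, then let the enclosing
        // MidPointLdapAuthenticationProvider post-process the directory entry.
        @Override
        protected DirContextOperations doAuthentication(UsernamePasswordAuthenticationToken authentication) {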
            DirContextOperations originalDirContextOperations = super.doAuthentication(authentication);
            return MidPointLdapAuthenticationProvider.this.doAuthentication(originalDirContextOperations);
        }

        @Override
        protected Authentication createSuccessfulAuthentication(UsernamePasswordAuthenticationToken authentication, UserDetails user) {
            Authentication authNCtx = super.createSuccessfulAuthentication(authentication, user);
            MidPointLdapAuthenticationProvider.this.createSuccessfulAuthentication(authentication, authNCtx);
            return authNCtx;
        }
    };
}
Also used: UserDetails (org.springframework.security.core.userdetails.UserDetails), DirContextOperations (org.springframework.ldap.core.DirContextOperations), LdapModuleAuthentication (com.evolveum.midpoint.authentication.impl.module.authentication.LdapModuleAuthentication), MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication), Authentication (org.springframework.security.core.Authentication), UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken), LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider)

Example 35 with LdapAuthenticationProvider

Use of org.springframework.security.ldap.authentication.LdapAuthenticationProvider in project incubator-atlas by apache.

Class AtlasLdapAuthenticationProvider, method getLdapBindAuthentication.

private Authentication getLdapBindAuthentication(Authentication authentication) {
    try {
        if (isDebugEnabled) {
            LOG.debug("==> AtlasLdapAuthenticationProvider getLdapBindAuthentication");
        }
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
        LdapContextSource ldapContextSource = getLdapContextSource();
        DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = getDefaultLdapAuthoritiesPopulator(ldapContextSource);
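        // Fall back to a uid-based filter when none is configured;
        // {0} is replaced with the login name at search time.
        if (ldapUserSearchFilter == null || ldapUserSearchFilter.trim().isEmpty()) {
            ldapUserSearchFilter = "(uid={0})";
        }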
        FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(ldapBase, ldapUserSearchFilter, ldapContextSource);
        userSearch.setSearchSubtree(true);
        BindAuthenticator bindAuthenticator = getBindAuthenticator(userSearch, ldapContextSource);
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, defaultLdapAuthoritiesPopulator);
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
            if (groupsFromUGI) {
                authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
            }
            return authentication;
        } else {
            LOG.error("LDAP Authentication::userName or userPassword is null or empty for userName " + userName);
        }
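    } catch (Exception e) {
        // Any failure, including rejected credentials, is only logged here;
        // the method then returns the incoming Authentication object unchanged.
        LOG.error(" getLdapBindAuthentication LDAP Authentication Failed:", e);
    }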
    if (isDebugEnabled) {
        LOG.debug("<== AtlasLdapAuthenticationProvider getLdapBindAuthentication");
    }
    return authentication;
}
Also used: BindAuthenticator (org.springframework.security.ldap.authentication.BindAuthenticator), User (org.apache.atlas.web.model.User), LdapContextSource (org.springframework.ldap.core.support.LdapContextSource), DefaultLdapAuthoritiesPopulator (org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator), GrantedAuthority (org.springframework.security.core.GrantedAuthority), UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken), AuthenticationException (org.springframework.security.core.AuthenticationException), UserDetails (org.springframework.security.core.userdetails.UserDetails), Authentication (org.springframework.security.core.Authentication), FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch), LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider)

Aggregations

LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider): 35
Authentication (org.springframework.security.core.Authentication): 17
LdapContextSource (org.springframework.ldap.core.support.LdapContextSource): 14
BindAuthenticator (org.springframework.security.ldap.authentication.BindAuthenticator): 14
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 13
UserDetails (org.springframework.security.core.userdetails.UserDetails): 12
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 11
FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch): 11
DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource): 10
AuthenticationException (org.springframework.security.core.AuthenticationException): 8
DefaultLdapAuthoritiesPopulator (org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator): 8
Test (org.junit.jupiter.api.Test): 7
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException): 7
ArrayList (java.util.ArrayList): 6
User (org.apache.atlas.web.model.User): 6
DefaultTlsDirContextAuthenticationStrategy (org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy): 5
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 5
User (org.springframework.security.core.userdetails.User): 5
ActiveDirectoryLdapAuthenticationProvider (org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider): 5
AlertConfigurationException (com.synopsys.integration.alert.api.common.model.exception.AlertConfigurationException): 3