Examples with DefaultLdapAuthoritiesPopulator org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator used on opensource projects

Search in sources :

Example 1 with DefaultLdapAuthoritiesPopulator

use of org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator in project incubator-atlas by apache.

the class AtlasLdapAuthenticationProvider method getLdapAuthentication.

private Authentication getLdapAuthentication(Authentication authentication) {
    if (isDebugEnabled) {
        LOG.debug("==> AtlasLdapAuthenticationProvider getLdapAuthentication");
    }
    try {
        // taking the user-name and password from the authentication
        // object.
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
        // populating LDAP context source with LDAP URL and user-DN-pattern
        LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(ldapURL);
        ldapContextSource.setCacheEnvironmentProperties(false);
        ldapContextSource.setAnonymousReadOnly(true);
        // Creating BindAuthenticator using Ldap Context Source.
        BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
        //String[] userDnPatterns = new String[] { rangerLdapUserDNPattern };
        String[] userDnPatterns = ldapUserDNPattern.split(";");
        bindAuthenticator.setUserDnPatterns(userDnPatterns);
        LdapAuthenticationProvider ldapAuthenticationProvider = null;
        if (!StringUtils.isEmpty(ldapGroupSearchBase) && !StringUtils.isEmpty(ldapGroupSearchFilter)) {
            // Creating LDAP authorities populator using Ldap context source and
            // Ldap group search base.
            // populating LDAP authorities populator with group search
            // base,group role attribute, group search filter.
            DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(ldapContextSource, ldapGroupSearchBase);
            defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(ldapGroupRoleAttribute);
            defaultLdapAuthoritiesPopulator.setGroupSearchFilter(ldapGroupSearchFilter);
            defaultLdapAuthoritiesPopulator.setIgnorePartialResultException(true);
            // Creating Ldap authentication provider using BindAuthenticator and Ldap authentication populator
            ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, defaultLdapAuthoritiesPopulator);
        } else {
            ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
        }
        // getting user authenticated
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
            if (groupsFromUGI) {
                authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
            }
            return authentication;
        } else {
            return authentication;
        }
    } catch (Exception e) {
        LOG.error("getLdapAuthentication LDAP Authentication Failed:", e);
    }
    if (isDebugEnabled) {
        LOG.debug("<== AtlasLdapAuthenticationProvider getLdapAuthentication");
    }
    return authentication;
}
Also used : BindAuthenticator(org.springframework.security.ldap.authentication.BindAuthenticator) DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) User(org.apache.atlas.web.model.User) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource) DefaultLdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator) GrantedAuthority(org.springframework.security.core.GrantedAuthority) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) AuthenticationException(org.springframework.security.core.AuthenticationException) UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication) LdapAuthenticationProvider(org.springframework.security.ldap.authentication.LdapAuthenticationProvider)

Example 2 with DefaultLdapAuthoritiesPopulator

use of org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator in project spring-security by spring-projects.

the class LdapAuthenticationProviderConfigurer method getLdapAuthoritiesPopulator.

/**
	 * Gets the {@link LdapAuthoritiesPopulator} and defaults to
	 * {@link DefaultLdapAuthoritiesPopulator}
	 *
	 * @return the {@link LdapAuthoritiesPopulator}
	 */
private LdapAuthoritiesPopulator getLdapAuthoritiesPopulator() {
    if (ldapAuthoritiesPopulator != null) {
        return ldapAuthoritiesPopulator;
    }
    DefaultLdapAuthoritiesPopulator defaultAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(contextSource, groupSearchBase);
    defaultAuthoritiesPopulator.setGroupRoleAttribute(groupRoleAttribute);
    defaultAuthoritiesPopulator.setGroupSearchFilter(groupSearchFilter);
    defaultAuthoritiesPopulator.setRolePrefix(this.rolePrefix);
    this.ldapAuthoritiesPopulator = defaultAuthoritiesPopulator;
    return defaultAuthoritiesPopulator;
}
Also used : DefaultLdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator)

Example 3 with DefaultLdapAuthoritiesPopulator

use of org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator in project incubator-atlas by apache.

the class AtlasLdapAuthenticationProvider method getLdapBindAuthentication.

private Authentication getLdapBindAuthentication(Authentication authentication) {
    try {
        if (isDebugEnabled) {
            LOG.debug("==> AtlasLdapAuthenticationProvider getLdapBindAuthentication");
        }
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
        LdapContextSource ldapContextSource = getLdapContextSource();
        DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = getDefaultLdapAuthoritiesPopulator(ldapContextSource);
        if (ldapUserSearchFilter == null || ldapUserSearchFilter.trim().isEmpty()) {
            ldapUserSearchFilter = "(uid={0})";
        }
        FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(ldapBase, ldapUserSearchFilter, ldapContextSource);
        userSearch.setSearchSubtree(true);
        BindAuthenticator bindAuthenticator = getBindAuthenticator(userSearch, ldapContextSource);
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, defaultLdapAuthoritiesPopulator);
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
            if (groupsFromUGI) {
                authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
            }
            return authentication;
        } else {
            LOG.error("LDAP Authentication::userName or userPassword is null or empty for userName " + userName);
        }
    } catch (Exception e) {
        LOG.error(" getLdapBindAuthentication LDAP Authentication Failed:", e);
    }
    if (isDebugEnabled) {
        LOG.debug("<== AtlasLdapAuthenticationProvider getLdapBindAuthentication");
    }
    return authentication;
}
Also used : BindAuthenticator(org.springframework.security.ldap.authentication.BindAuthenticator) User(org.apache.atlas.web.model.User) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource) DefaultLdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator) GrantedAuthority(org.springframework.security.core.GrantedAuthority) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) AuthenticationException(org.springframework.security.core.AuthenticationException) UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) LdapAuthenticationProvider(org.springframework.security.ldap.authentication.LdapAuthenticationProvider)

Example 4 with DefaultLdapAuthoritiesPopulator

use of org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator in project incubator-atlas by apache.

the class AtlasLdapAuthenticationProvider method getDefaultLdapAuthoritiesPopulator.

private DefaultLdapAuthoritiesPopulator getDefaultLdapAuthoritiesPopulator(LdapContextSource ldapContextSource) {
    DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(ldapContextSource, ldapGroupSearchBase);
    defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(ldapGroupRoleAttribute);
    defaultLdapAuthoritiesPopulator.setGroupSearchFilter(ldapGroupSearchFilter);
    defaultLdapAuthoritiesPopulator.setIgnorePartialResultException(true);
    return defaultLdapAuthoritiesPopulator;
}
Also used : DefaultLdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator)

Aggregations

DefaultLdapAuthoritiesPopulator (org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator)4 User (org.apache.atlas.web.model.User)2 LdapContextSource (org.springframework.ldap.core.support.LdapContextSource)2 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)2 Authentication (org.springframework.security.core.Authentication)2 AuthenticationException (org.springframework.security.core.AuthenticationException)2 GrantedAuthority (org.springframework.security.core.GrantedAuthority)2 UserDetails (org.springframework.security.core.userdetails.UserDetails)2 BindAuthenticator (org.springframework.security.ldap.authentication.BindAuthenticator)2 LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider)2 DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource)1 FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial