List of usage examples for the constructor DefaultLdapAuthoritiesPopulator(ContextSource, String) of org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
public DefaultLdapAuthoritiesPopulator(ContextSource contextSource, String groupSearchBase)
From source file:org.osiam.configuration.LdapAuthentication.java
/**
 * Registers the OSIAM LDAP authentication provider as a Spring bean.
 *
 * <p>The provider is assembled from the bind authenticator, a
 * {@link DefaultLdapAuthoritiesPopulator} and the LDAP-to-SCIM context mapper.
 * No group search filter or role attribute is set on the populator here, so
 * the populator's built-in defaults apply.
 *
 * @param userProvisioning SCIM provisioning service handed to the provider
 * @param syncUserData     value of {@code osiam.ldap.sync-user-data}; {@code true} when the property is unset
 * @return the configured authentication provider
 */
@Bean
@Autowired
public OsiamLdapAuthenticationProvider osiamLdapAuthenticationProvider(SCIMUserProvisioning userProvisioning,
        @Value("${osiam.ldap.sync-user-data:true}") boolean syncUserData) {
    // The empty group search base makes group lookups start at the base DN of
    // contextSource() instead of a dedicated groups subtree.
    return new OsiamLdapAuthenticationProvider(bindAuthenticator(),
            new DefaultLdapAuthoritiesPopulator(contextSource(), ""),
            new OsiamLdapUserContextMapper(ldapToScimAttributeMapping()), userProvisioning, syncUserData);
}
From source file:sk.lazyman.gizmo.security.GizmoAuthProvider.java
/**
 * Prepares the LDAP collaborators used for authentication.
 *
 * <p>Does nothing when {@code useLdapAuth()} is false. Otherwise it builds a
 * context source bound with the configured manager DN and password, configures
 * a group populator, and stores a bind authenticator in
 * {@code ldapBindAuthenticator}.
 *
 * @throws Exception if the context source cannot be initialised
 */
public void init() throws Exception {
    if (useLdapAuth()) {
        // NOTE(review): ldapHost is used as the provider URL as-is; confirm it is an
        // ldaps:// URL (or that StartTLS is set up elsewhere), because the manager DN
        // and password below travel over this connection.
        LdapContextSource ldapContext = new DefaultSpringSecurityContextSource(ldapHost);
        ldapContext.setUserDn(ldapUsername);
        ldapContext.setPassword(ldapPassword);
        ldapContext.afterPropertiesSet();

        // NOTE(review): this populator is a local that is configured and then dropped;
        // nothing visible in this method hands it to the authenticator or to a field.
        // Confirm whether group/role resolution was meant to be wired in here.
        DefaultLdapAuthoritiesPopulator groupPopulator =
                new DefaultLdapAuthoritiesPopulator(ldapContext, ldapGroupSearchBase);
        groupPopulator.setGroupRoleAttribute(ldapGroupRoleAttribute);
        groupPopulator.setGroupSearchFilter(ldapGroupSearchFilter);

        ldapBindAuthenticator = new SimpleBindAunthenticator(ldapContext, gizmoGroup);
        ldapBindAuthenticator.setUserDnPatterns(new String[] { userDnPattern });
    }
}
From source file:io.gravitee.management.idp.ldap.authentication.LdapAuthenticationProvider.java
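/**
 * Builds the Spring Security configurer for the LDAP identity provider from
 * the properties exposed by {@code environment}.
 *
 * <p>Users are located either by {@code user-dn-pattern} or, when that property
 * is missing or empty, by {@code user-search-base} / {@code user-search-filter}.
 * Group membership is resolved by a {@link DefaultLdapAuthoritiesPopulator}
 * with an empty role prefix. When {@code role-mapping} is enabled, a
 * {@code UserDetailsContextPropertiesMapper} is installed as the context mapper.
 *
 * @return the configured LDAP authentication provider configurer
 * @throws Exception if the LDAP context source cannot be initialised
 */
@Override
public SecurityConfigurer configure() throws Exception {
    LOGGER.info("Configuring an LDAP Identity Provider");

    LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthenticationProviderConfigurer =
            new LdapAuthenticationProviderConfigurer<>();

    // Create LDAP context
    // NOTE(review): the bind DN and password are sent to whatever
    // "context-source-url" points at; confirm deployments use ldaps:// or StartTLS.
    DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
            environment.getProperty("context-source-url"));
    contextSource.setBase(environment.getProperty("context-source-base"));
    contextSource.setUserDn(environment.getProperty("context-source-username"));
    contextSource.setPassword(environment.getProperty("context-source-password"));
    contextSource.afterPropertiesSet();

    String userDNPattern = environment.getProperty("user-dn-pattern");
    if (userDNPattern == null || userDNPattern.isEmpty()) {
        ldapAuthenticationProviderConfigurer.userSearchBase(environment.getProperty("user-search-base"))
                .userSearchFilter(environment.getProperty("user-search-filter"));
    } else {
        ldapAuthenticationProviderConfigurer.userDnPatterns(userDNPattern);
    }

    // Read the group settings once so the configurer and the explicit populator
    // below cannot drift apart.
    String groupSearchBase = environment.getProperty("group-search-base", "");
    String groupSearchFilter = environment.getProperty("group-search-filter", "(uniqueMember={0})");
    String groupRoleAttribute = environment.getProperty("group-role-attribute", "cn");

    ldapAuthenticationProviderConfigurer.groupSearchBase(groupSearchBase)
            .groupSearchFilter(groupSearchFilter)
            .groupRoleAttribute(groupRoleAttribute)
            .rolePrefix("");

    // An explicitly supplied populator is used by the configurer as-is (its
    // getLdapAuthoritiesPopulator() only applies the filter and role attribute to
    // the default it creates itself). Without the two setters below the
    // configured group filter and role attribute would be silently ignored and
    // roles would be resolved with the populator's built-in defaults.
    DefaultLdapAuthoritiesPopulator populator =
            new DefaultLdapAuthoritiesPopulator(contextSource, groupSearchBase);
    populator.setGroupSearchFilter(groupSearchFilter);
    populator.setGroupRoleAttribute(groupRoleAttribute);
    populator.setRolePrefix("");

    ldapAuthenticationProviderConfigurer.ldapAuthoritiesPopulator(populator).contextSource(contextSource);

    // set up roles mapper
    if (environment.getProperty("role-mapping", Boolean.class, false)) {
        UserDetailsContextPropertiesMapper userDetailsContextPropertiesMapper =
                new UserDetailsContextPropertiesMapper();
        userDetailsContextPropertiesMapper.setEnvironment(environment);
        ldapAuthenticationProviderConfigurer.userDetailsContextMapper(userDetailsContextPropertiesMapper);
    }

    return ldapAuthenticationProviderConfigurer;
}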
From source file:org.osiam.auth.configuration.LdapConfiguration.java
/**
 * Creates the LDAP authentication provider bean when LDAP is configured.
 *
 * <p>As a side effect the new provider is appended to the provider list of
 * {@code authenticationManager}.
 *
 * @return the provider, or {@code null} when {@code isLdapConfigured} is false
 */
@Bean
public OsiamLdapAuthenticationProvider createLdapAuthProvider() {
    if (!isLdapConfigured) {
        // No LDAP settings: no provider is built or registered.
        return null;
    }

    createLdapToScimAttributeMapping();
    DefaultSpringSecurityContextSource ldapContext = createLdapContextSource();

    // Users are authenticated by binding as the DN built from dnPatterns.
    BindAuthenticator authenticator = new BindAuthenticator(ldapContext);
    authenticator.setUserDnPatterns(dnPatterns);
    authenticator.setUserAttributes(attributes);

    OsiamLdapUserContextMapper contextMapper = new OsiamLdapUserContextMapper(scimLdapAttributes);
    // Only the search base is set; filter and role attribute stay at the
    // populator's defaults.
    DefaultLdapAuthoritiesPopulator populator =
            new DefaultLdapAuthoritiesPopulator(ldapContext, groupSearchBase);

    OsiamLdapAuthenticationProvider ldapProvider =
            new OsiamLdapAuthenticationProvider(authenticator, populator, contextMapper);
    authenticationManager.getProviders().add(ldapProvider);
    return ldapProvider;
}
From source file:net.oneandone.stool.overview.config.SecurityConfiguration.java
/**
 * Builds the LDAP-backed {@link UserDetailsService}.
 *
 * <p>Users are looked up under {@code ou=cisostages} by {@code uid}; roles come
 * from the {@code ou} attribute of entries directly below
 * {@code ou=roles,ou=cisostages}.
 *
 * @return a user details service that maps entries with {@code InetOrgPersonContextMapper}
 */
@Override
public UserDetailsService userDetailsService() {
    final FilterBasedLdapUserSearch search =
            new FilterBasedLdapUserSearch("ou=cisostages", "(uid={0})", contextSource());

    final DefaultLdapAuthoritiesPopulator populator =
            new DefaultLdapAuthoritiesPopulator(contextSource(), "ou=roles,ou=cisostages");
    // {1} is the login name (as opposed to {0}, the user's full DN), so this matches
    // role entries whose member value is literally "uid=<name>".
    populator.setGroupSearchFilter("(member=uid={1})");
    populator.setGroupRoleAttribute("ou");
    // One-level search: role entries nested deeper than the search base are not considered.
    populator.setSearchSubtree(false);
    populator.setIgnorePartialResultException(true);

    final LdapUserDetailsService service = new LdapUserDetailsService(search, populator);
    service.setUserDetailsMapper(new InetOrgPersonContextMapper());
    return service;
}
From source file:io.gravitee.management.idp.ldap.authentication.LdapAuthenticationProviderConfigurer.java
/**
 * Returns the {@link LdapAuthoritiesPopulator} to use, lazily creating a
 * {@link DefaultLdapAuthoritiesPopulator} when none was supplied.
 *
 * <p>The configured group role attribute and group search filter are applied
 * only to the default created here. A populator that was supplied explicitly
 * is returned untouched, so whoever supplies one has to configure it.
 *
 * @return the {@link LdapAuthoritiesPopulator}
 */
private LdapAuthoritiesPopulator getLdapAuthoritiesPopulator() {
    if (ldapAuthoritiesPopulator == null) {
        DefaultLdapAuthoritiesPopulator fallback =
                new DefaultLdapAuthoritiesPopulator(contextSource, groupSearchBase);
        fallback.setGroupRoleAttribute(groupRoleAttribute);
        fallback.setGroupSearchFilter(groupSearchFilter);
        // Remember the default so later calls reuse the same instance.
        this.ldapAuthoritiesPopulator = fallback;
        return fallback;
    }
    return ldapAuthoritiesPopulator;
}
From source file:de.thm.arsnova.config.SecurityConfig.java
/**
 * Exposes the LDAP authorities populator as a Spring bean.
 *
 * <p>The group search base is {@code null}. With a null base
 * {@link DefaultLdapAuthoritiesPopulator} performs no group search, so no
 * authorities are derived from LDAP group membership by this bean.
 *
 * @return the populator bound to {@code ldapContextSource()}
 * @throws Exception if the context source cannot be obtained
 */
@Bean
public LdapAuthoritiesPopulator ldapAuthoritiesPopulator() throws Exception {
    final DefaultLdapAuthoritiesPopulator populator =
            new DefaultLdapAuthoritiesPopulator(ldapContextSource(), null);
    return populator;
}
From source file:org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.java
/**
 * Attempts to authenticate the caller against LDAP with a bind as the user.
 *
 * <p>A fresh context source, bind authenticator and provider are built on every
 * call. A group populator is attached only when both the group search base and
 * the group search filter are configured.
 *
 * <p>Failure handling, as written: any exception is logged and the current
 * value of {@code authentication} is returned. That is the caller's original
 * object when the bind itself failed, and the LDAP result without UGI
 * authorities when only the UGI enrichment threw.
 * NOTE(review): the caller is not visible here; it presumably has to check
 * {@code isAuthenticated()} on the returned object - confirm.
 *
 * @param authentication the incoming authentication request
 * @return the authenticated token on success, otherwise {@code authentication} as described above
 */
private Authentication getLdapAuthentication(Authentication authentication) {
    if (isDebugEnabled) {
        LOG.debug("==> AtlasLdapAuthenticationProvider getLdapAuthentication");
    }

    try {
        // Credentials as presented by the caller; a missing credential becomes "".
        String userName = authentication.getName();
        String userPassword = authentication.getCredentials() != null
                ? authentication.getCredentials().toString()
                : "";

        // NOTE(review): confirm ldapURL is ldaps:// (or StartTLS is enforced), since
        // the user's password is sent on this connection during the bind.
        LdapContextSource contextSource = new DefaultSpringSecurityContextSource(ldapURL);
        contextSource.setCacheEnvironmentProperties(false);
        contextSource.setAnonymousReadOnly(true);

        // ldapUserDNPattern may hold several ';'-separated DN patterns.
        BindAuthenticator authenticator = new BindAuthenticator(contextSource);
        authenticator.setUserDnPatterns(ldapUserDNPattern.split(";"));

        boolean groupSearchConfigured =
                !(StringUtils.isEmpty(ldapGroupSearchBase) || StringUtils.isEmpty(ldapGroupSearchFilter));

        LdapAuthenticationProvider provider;
        if (groupSearchConfigured) {
            DefaultLdapAuthoritiesPopulator populator =
                    new DefaultLdapAuthoritiesPopulator(contextSource, ldapGroupSearchBase);
            populator.setGroupRoleAttribute(ldapGroupRoleAttribute);
            populator.setGroupSearchFilter(ldapGroupSearchFilter);
            populator.setIgnorePartialResultException(true);
            provider = new LdapAuthenticationProvider(authenticator, populator);
        } else {
            provider = new LdapAuthenticationProvider(authenticator);
        }

        // Blank user names or passwords never reach the directory; this keeps an
        // empty-password bind from being attempted.
        boolean credentialsMissing = userName == null || userPassword == null
                || userName.trim().isEmpty() || userPassword.trim().isEmpty();
        if (credentialsMissing) {
            return authentication;
        }

        final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
        // NOTE(review): the plaintext password is stored both in the User principal and
        // in the token; confirm it is erased once authentication completes.
        final UserDetails principal = new User(userName, userPassword, grantedAuths);
        final Authentication request =
                new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);

        // The parameter is reassigned on purpose: the catch path below returns it.
        authentication = provider.authenticate(request);
        if (groupsFromUGI) {
            authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
        }
        return authentication;
    } catch (Exception e) {
        LOG.error("getLdapAuthentication LDAP Authentication Failed:", e);
    }

    // Only reached after an exception.
    if (isDebugEnabled) {
        LOG.debug("<== AtlasLdapAuthenticationProvider getLdapAuthentication");
    }
    return authentication;
}
From source file:org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.java
/**
 * Creates the group populator for the given context source from the configured
 * group search base, role attribute and search filter.
 *
 * @param ldapContextSource context source the group searches run against
 * @return the configured populator
 */
private DefaultLdapAuthoritiesPopulator getDefaultLdapAuthoritiesPopulator(
        LdapContextSource ldapContextSource) {
    final DefaultLdapAuthoritiesPopulator populator =
            new DefaultLdapAuthoritiesPopulator(ldapContextSource, ldapGroupSearchBase);
    populator.setGroupRoleAttribute(ldapGroupRoleAttribute);
    populator.setGroupSearchFilter(ldapGroupSearchFilter);
    // Partial results are tolerated instead of failing the search.
    // NOTE(review): this can leave the group list incomplete without an error - confirm that is acceptable.
    populator.setIgnorePartialResultException(true);
    return populator;
}
From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTest.java
/**
 * Checks that the roles of user <code>suzy</code> are resolved through an LDAP group search:
 * entries under <code>ou=roles</code> that match <code>(roleOccupant={0})</code> contribute
 * their <code>cn</code> attribute as role names.
 *
 * <p>
 * The UserDetailsService used by Spring Security is reused as the role source.
 * </p>
 */
@Test
public void testGetAuthoritiesForUser2() {
    DefaultLdapAuthoritiesPopulator rolePopulator =
            new DefaultLdapAuthoritiesPopulator(getContextSource(), "ou=roles"); //$NON-NLS-1$
    rolePopulator.setGroupRoleAttribute("cn"); //$NON-NLS-1$
    rolePopulator.setGroupSearchFilter("(roleOccupant={0})"); //$NON-NLS-1$

    LdapUserSearch search = getUserSearch("ou=users", "(uid={0})"); //$NON-NLS-1$//$NON-NLS-2$
    LdapUserDetailsService detailsService = new LdapUserDetailsService(search, rolePopulator);

    DefaultLdapUserRoleListService roleListService = getDefaultLdapUserRoleListService();
    roleListService.setUserDetailsService(detailsService);

    List roles = roleListService.getRolesForUser(null, "suzy"); //$NON-NLS-1$

    // No role prefix is set above, so the expected name presumably carries the
    // populator's default prefix.
    assertTrue(roles.contains("ROLE_IS")); //$NON-NLS-1$

    if (logger.isDebugEnabled()) {
        logger.debug("results of getAuthoritiesForUser2(): " + roles); //$NON-NLS-1$
    }
}