Example usage for org.springframework.security.ldap.userdetails DefaultLdapAuthoritiesPopulator setGroupRoleAttribute

List of usage examples for org.springframework.security.ldap.userdetails DefaultLdapAuthoritiesPopulator setGroupRoleAttribute

Introduction

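This page collects usage examples for the setGroupRoleAttribute method of org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator. The method names the attribute of each matched LDAP group entry whose value becomes the role name granted to the user, so its value directly shapes the authorities a login receives.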

Prototype

public void setGroupRoleAttribute(String groupRoleAttribute) 


Usage

From source file:sk.lazyman.gizmo.security.GizmoAuthProvider.java

/**
 * Builds the LDAP context source and the bind authenticator used for LDAP logins.
 * Returns without doing anything when {@code useLdapAuth()} is false.
 *
 * @throws Exception if any of the LDAP setup calls below fails
 */
public void init() throws Exception {
    if (useLdapAuth()) {
        // NOTE(review): whether ldapHost is an ldaps:// URL cannot be told from here. Over plain
        // ldap:// the bind password below is sent unencrypted unless TLS is configured elsewhere.
        LdapContextSource ldapContext = new DefaultSpringSecurityContextSource(ldapHost);
        // Account the context source itself binds with for its directory operations.
        // NOTE(review): the origin of ldapUsername/ldapPassword is not visible in this method;
        // confirm they come from protected configuration and that the account is read-only.
        ldapContext.setUserDn(ldapUsername);
        ldapContext.setPassword(ldapPassword);
        ldapContext.afterPropertiesSet();

        // The attribute named by ldapGroupRoleAttribute supplies the role name of each group
        // entry found under ldapGroupSearchBase with ldapGroupSearchFilter.
        // NOTE(review): this populator is neither stored in a field nor handed to anything
        // visible in this method, so its settings do not reach the authenticator built below.
        DefaultLdapAuthoritiesPopulator groupPopulator =
                new DefaultLdapAuthoritiesPopulator(ldapContext, ldapGroupSearchBase);
        groupPopulator.setGroupRoleAttribute(ldapGroupRoleAttribute);
        groupPopulator.setGroupSearchFilter(ldapGroupSearchFilter);

        // presumably gizmoGroup is the group a user must belong to; verify in SimpleBindAunthenticator
        ldapBindAuthenticator = new SimpleBindAunthenticator(ldapContext, gizmoGroup);
        String[] dnPatterns = { userDnPattern };
        ldapBindAuthenticator.setUserDnPatterns(dnPatterns);
    }
}

From source file:net.oneandone.stool.overview.config.SecurityConfiguration.java

/**
 * Builds the LDAP-backed {@link UserDetailsService}. Users are located by {@code uid} under
 * {@code ou=cisostages}; their roles are read from group entries directly below
 * {@code ou=roles,ou=cisostages}.
 *
 * @return the service, mapping directory entries with {@link InetOrgPersonContextMapper}
 */
@Override
public UserDetailsService userDetailsService() {
    final FilterBasedLdapUserSearch uidSearch =
            new FilterBasedLdapUserSearch("ou=cisostages", "(uid={0})", contextSource());

    final DefaultLdapAuthoritiesPopulator rolePopulator =
            new DefaultLdapAuthoritiesPopulator(contextSource(), "ou=roles,ou=cisostages");
    // In the populator's group filter {0} is the user's full DN and {1} the user name, so this
    // matches only member values of the exact form "uid=<username>".
    rolePopulator.setGroupSearchFilter("(member=uid={1})");
    // The role name is taken from each matching group's "ou" attribute.
    rolePopulator.setGroupRoleAttribute("ou");
    // One-level search: groups nested deeper under the base are not considered.
    rolePopulator.setSearchSubtree(false);
    // NOTE(review): with partial-result exceptions ignored, an incomplete group search is not
    // reported; the user would just end up with the roles that were returned.
    rolePopulator.setIgnorePartialResultException(true);

    final LdapUserDetailsService ldapUserDetails = new LdapUserDetailsService(uidSearch, rolePopulator);
    ldapUserDetails.setUserDetailsMapper(new InetOrgPersonContextMapper());
    return ldapUserDetails;
}

From source file:io.gravitee.management.idp.ldap.authentication.LdapAuthenticationProviderConfigurer.java

/**
 * Returns the configured {@link LdapAuthoritiesPopulator}. When none has been set, a
 * {@link DefaultLdapAuthoritiesPopulator} is created from {@code contextSource},
 * {@code groupSearchBase}, {@code groupRoleAttribute} and {@code groupSearchFilter},
 * stored in the field and returned.
 *
 * @return the {@link LdapAuthoritiesPopulator} in use
 */
private LdapAuthoritiesPopulator getLdapAuthoritiesPopulator() {
    if (ldapAuthoritiesPopulator == null) {
        // NOTE(review): the lazy creation below has no visible synchronization.
        DefaultLdapAuthoritiesPopulator created =
                new DefaultLdapAuthoritiesPopulator(contextSource, groupSearchBase);
        // Attribute of a matched group entry that supplies the role name.
        created.setGroupRoleAttribute(groupRoleAttribute);
        created.setGroupSearchFilter(groupSearchFilter);

        this.ldapAuthoritiesPopulator = created;
        return created;
    }
    return ldapAuthoritiesPopulator;
}

From source file:org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.java

/**
 * Tries to authenticate the supplied user name and password against LDAP with a bind,
 * optionally resolving group-based authorities when a group search base and filter are set.
 *
 * @param authentication the incoming request carrying the user name and credentials
 * @return the token produced by the LDAP provider on success; otherwise the
 *         {@code authentication} reference as it stands when the method exits. Any exception is
 *         logged and swallowed, so callers have to check {@code isAuthenticated()} on the result.
 */
private Authentication getLdapAuthentication(Authentication authentication) {
    if (isDebugEnabled) {
        LOG.debug("==> AtlasLdapAuthenticationProvider getLdapAuthentication");
    }

    try {
        // User name and password as carried by the incoming authentication object; a missing
        // credential becomes the empty string and is rejected by the blank check further down.
        final String userName = authentication.getName();
        final String userPassword = authentication.getCredentials() != null
                ? authentication.getCredentials().toString()
                : "";

        // A fresh context source for the configured LDAP URL.
        // NOTE(review): transport security depends on ldapURL (ldaps:// or not), which is not
        // visible here.
        LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(ldapURL);
        ldapContextSource.setCacheEnvironmentProperties(false);
        // Read-only directory operations use an anonymous context; presumably this covers the
        // group search below, so the directory must permit anonymous reads there — confirm.
        ldapContextSource.setAnonymousReadOnly(true);

        // Bind authenticator over the context source; ldapUserDNPattern may hold several
        // ';'-separated DN patterns.
        BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
        bindAuthenticator.setUserDnPatterns(ldapUserDNPattern.split(";"));

        final LdapAuthenticationProvider ldapAuthenticationProvider;
        if (StringUtils.isEmpty(ldapGroupSearchBase) || StringUtils.isEmpty(ldapGroupSearchFilter)) {
            // No group lookup configured: authenticate by bind only.
            ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
        } else {
            // Group lookup configured: role names come from ldapGroupRoleAttribute of the
            // entries matched by ldapGroupSearchFilter under ldapGroupSearchBase.
            DefaultLdapAuthoritiesPopulator groupPopulator =
                    new DefaultLdapAuthoritiesPopulator(ldapContextSource, ldapGroupSearchBase);
            groupPopulator.setGroupRoleAttribute(ldapGroupRoleAttribute);
            groupPopulator.setGroupSearchFilter(ldapGroupSearchFilter);
            // NOTE(review): an incomplete group search is not reported once these are ignored.
            groupPopulator.setIgnorePartialResultException(true);

            ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, groupPopulator);
        }

        // Blank or missing user name / password: hand the request back untouched, no bind attempted.
        final boolean credentialsSupplied = userName != null && userPassword != null
                && !userName.trim().isEmpty() && !userPassword.trim().isEmpty();
        if (!credentialsSupplied) {
            return authentication;
        }

        final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
        final UserDetails principal = new User(userName, userPassword, grantedAuths);
        // The three-argument token constructor yields a token already flagged as authenticated.
        // It is used only as input to authenticate() and is never returned if that call throws.
        final Authentication loginToken =
                new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);

        // The parameter is reassigned on purpose: if the UGI step below throws, the catch block
        // falls through and the token returned by the LDAP provider is what gets returned.
        authentication = ldapAuthenticationProvider.authenticate(loginToken);
        if (groupsFromUGI) {
            authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
        }
        return authentication;
    } catch (Exception e) {
        // Every failure ends up here, presumably including rejected credentials.
        LOG.error("getLdapAuthentication LDAP Authentication Failed:", e);
    }

    // Reached only after an exception; the paths above return from inside the try block.
    if (isDebugEnabled) {
        LOG.debug("<== AtlasLdapAuthenticationProvider getLdapAuthentication");
    }
    return authentication;
}

From source file:org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.java

/**
 * Creates a {@link DefaultLdapAuthoritiesPopulator} over the given context source, searching
 * under {@code ldapGroupSearchBase} with {@code ldapGroupSearchFilter} and taking role names
 * from {@code ldapGroupRoleAttribute}.
 *
 * @param ldapContextSource context source the group search runs against
 * @return the configured populator
 */
private DefaultLdapAuthoritiesPopulator getDefaultLdapAuthoritiesPopulator(
        LdapContextSource ldapContextSource) {
    DefaultLdapAuthoritiesPopulator populator =
            new DefaultLdapAuthoritiesPopulator(ldapContextSource, ldapGroupSearchBase);

    populator.setGroupRoleAttribute(ldapGroupRoleAttribute);
    populator.setGroupSearchFilter(ldapGroupSearchFilter);
    // NOTE(review): an incomplete group search is not reported once these are ignored; the user
    // would simply receive the roles that were returned.
    populator.setIgnorePartialResultException(true);

    return populator;
}

From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTest.java

/**
 * Resolves the roles of user <code>suzy</code> from the <code>cn</code> attribute of every entry under
 * <code>ou=roles</code> that matches the filter <code>(roleOccupant={0})</code>, and expects
 * <code>ROLE_IS</code> to be among them.
 * <p>
 * Note that the UserDetailsService used by Spring Security is re-used here.
 * </p>
 */
@Test
public void testGetAuthoritiesForUser2() {
    DefaultLdapAuthoritiesPopulator rolePopulator =
            new DefaultLdapAuthoritiesPopulator(getContextSource(), "ou=roles"); //$NON-NLS-1$
    // The role name is read from "cn"; {0} in the filter is replaced with the user's DN.
    rolePopulator.setGroupRoleAttribute("cn"); //$NON-NLS-1$
    rolePopulator.setGroupSearchFilter("(roleOccupant={0})"); //$NON-NLS-1$

    LdapUserSearch uidSearch = getUserSearch("ou=users", "(uid={0})"); //$NON-NLS-1$//$NON-NLS-2$
    LdapUserDetailsService ldapUserDetails = new LdapUserDetailsService(uidSearch, rolePopulator);

    DefaultLdapUserRoleListService roleListService = getDefaultLdapUserRoleListService();
    roleListService.setUserDetailsService(ldapUserDetails);

    List<?> roles = roleListService.getRolesForUser(null, "suzy"); //$NON-NLS-1$
    assertTrue(roles.contains("ROLE_IS")); //$NON-NLS-1$

    if (logger.isDebugEnabled()) {
        logger.debug("results of getAuthoritiesForUser2(): " + roles); //$NON-NLS-1$
    }
}

From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTest.java

/**
 * Resolves the roles of user <code>suzy</code> from the <code>cn</code> attribute of the entries under
 * <code>ou=roles</code> matching <code>(roleOccupant={0})</code>, with a
 * <code>DefaultRoleComparator</code> installed on the role list service, and expects
 * <code>ROLE_POWER_USER</code> to be among them.
 */
@Test
public void testGetAuthoritiesForUser2Sorted() {
    DefaultLdapAuthoritiesPopulator rolePopulator =
            new DefaultLdapAuthoritiesPopulator(getContextSource(), "ou=roles"); //$NON-NLS-1$
    // The role name is read from "cn"; {0} in the filter is replaced with the user's DN.
    rolePopulator.setGroupRoleAttribute("cn"); //$NON-NLS-1$
    rolePopulator.setGroupSearchFilter("(roleOccupant={0})"); //$NON-NLS-1$

    LdapUserSearch uidSearch = getUserSearch("ou=users", "(uid={0})"); //$NON-NLS-1$//$NON-NLS-2$
    LdapUserDetailsService ldapUserDetails = new LdapUserDetailsService(uidSearch, rolePopulator);

    DefaultLdapUserRoleListService roleListService = getDefaultLdapUserRoleListService();
    roleListService.setUserDetailsService(ldapUserDetails);
    // The comparator is what distinguishes this test from the unsorted variant.
    roleListService.setRoleComparator(new DefaultRoleComparator());

    List<?> roles = roleListService.getRolesForUser(null, "suzy"); //$NON-NLS-1$
    assertTrue(roles.contains("ROLE_POWER_USER")); //$NON-NLS-1$

    if (logger.isDebugEnabled()) {
        logger.debug("results of getAuthoritiesForUser2Sorted(): " + roles); //$NON-NLS-1$
    }
}