Question

This documentation explains how to configure Spring-Security LDAP:

http://docs.spring.io/spring-security/site/docs/3.2.4.CI-SNAPSHOT/reference/htmlsingle/#ldap

3.4.5. Spring Bean Configuration

    <bean id="contextSource"
            class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
      <constructor-arg value="ldap://monkeymachine:389/dc=springframework,dc=org"/>
      <property name="userDn" value="cn=manager,dc=springframework,dc=org"/>
      <property name="password" value="password"/>
    </bean>

    <bean id="ldapAuthProvider"
        class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
     <constructor-arg>
       <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
         <constructor-arg ref="contextSource"/>
         <property name="userDnPatterns">
           <list><value>uid={0},ou=people</value></list>
         </property>
       </bean>
     </constructor-arg>
     <constructor-arg>
       <bean
         class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
         <constructor-arg ref="contextSource"/>
         <constructor-arg value="ou=groups"/>
         <property name="groupRoleAttribute" value="ou"/>
       </bean>
     </constructor-arg>
    </bean>

How can we achieve this without XML? Here we have a sample which uses a local LDIF file: https://github.com/spring-projects/spring-security/blob/master/samples/ldap-jc/src/main/java/org/springframework/security/samples/config/SecurityConfig.java

I've modified SecurityConfig.java as follows:

    public void registerGlobalAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(ldap_url);
        contextSource.setUrl(ldap_user);
        contextSource.setPassword(ldap_password);

        DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(contextSource, "ou=groups");
        ldapAuthoritiesPopulator.setGroupRoleAttribute("ou");

        LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthenticationProviderConfigurer = auth.ldapAuthentication();

        ldapAuthenticationProviderConfigurer
            .userDnPatterns("uid={0},ou=people")
            .groupSearchBase("ou=groups")
            .contextSource(contextSource)
            .ldapAuthoritiesPopulator(ldapAuthoritiesPopulator);
    }
}

But when I log in using the web form, I get this error:

    java.lang.NullPointerException
        at java.util.Hashtable.<init>(Hashtable.java:296)
        at org.springframework.ldap.core.support.AbstractContextSource.getAuthenticatedEnv(AbstractContextSource.java:499)
        at org.springframework.ldap.core.support.AbstractContextSource.doGetContext(AbstractContextSource.java:114)
        at org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:110)
        at org.springframework.security.ldap.authentication.BindAuthenticator.bindWithDn(BindAuthenticator.java:112)

Is there similar documentation to http://docs.spring.io/spring-security/site/docs/3.2.4.CI-SNAPSHOT/reference/htmlsingle/#ldap explaining how to achieve this without Spring XML?


Solution

You need to call

    contextSource.afterPropertiesSet()

if you are using the class outside an application context (see the source and Javadoc for Spring LDAP's AbstractContextSource for more information). Either that or you can just make it an @Bean and Spring will call the method and initialize it for you.

Also

    contextSource.setUrl(ldap_user);

doesn't look right. Shouldn't that be setUserDn?
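
Both points from the answer applied to the question's configuration, as an added example that is not part of the original answer or the Spring Security sample. The context source is declared as an `@Bean` so the container initializes it, and the manager DN goes through `setUserDn`. The property names `ldap.url`, `ldap.manager.dn` and `ldap.manager.password` are assumptions, chosen to keep the manager credentials out of the source file.

```java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private Environment env;

    // Declared as a bean: Spring calls afterPropertiesSet() on it, which builds
    // the environment that was missing in the question's stack trace.
    @Bean
    public DefaultSpringSecurityContextSource contextSource() {
        // Assumed property; same form as the XML constructor-arg, for example
        // ldap://monkeymachine:389/dc=springframework,dc=org
        // Over plain ldap:// a simple bind sends the password unencrypted.
        DefaultSpringSecurityContextSource contextSource =
                new DefaultSpringSecurityContextSource(env.getRequiredProperty("ldap.url"));
        // Manager account used for group searches (assumed property names).
        contextSource.setUserDn(env.getRequiredProperty("ldap.manager.dn"));
        contextSource.setPassword(env.getRequiredProperty("ldap.manager.password"));
        return contextSource;
    }

    @Autowired
    public void registerGlobalAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        auth.ldapAuthentication()
            .contextSource(contextSource())        // the initialized bean above
            .userDnPatterns("uid={0},ou=people")   // BindAuthenticator pattern from the XML
            .groupSearchBase("ou=groups")          // DefaultLdapAuthoritiesPopulator search base
            .groupRoleAttribute("ou");             // groupRoleAttribute from the XML
    }
}
```

Because the configurer builds the authorities populator from `groupSearchBase` and `groupRoleAttribute`, no separate `DefaultLdapAuthoritiesPopulator` instance is needed here.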

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow