Spring Security integration into active directory
-
13-09-2019 - |
Question
I want to authenticate my web service in Spring with an Active Directory lookup at both the producer and the consumer - under the Principal that that each are executing under (ie Service Accounts).
I'm assuming I have to use
JaasPlainTextPasswordValidationCallbackHandler
and
JaasCertificateValidationCallbackHandler
and set up my
jaas.config
file.
Can anyone give me a code example of where to go from here? I'm guessing the Service Account names will need to go into the jaas.config file - but if so - I'd like that to be automatically populated.
Solution
You shouldn't need JAAS at all. A simple LDAP authentication scheme should work fine for Spring Security and Active Directory; Active Directory exposes an LDAP interface (typically port 389).
http://static.springframework.org/spring-security/site/docs/2.0.x/reference/ldap.html