Question

I am new to Spring Security and to LDAP too. I am trying to integrate an LDAP server using Spring Security, and I also followed a couple of examples for the same.

The security XML looks like this:

<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans" 
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <http auto-config="true" >              
        <intercept-url pattern="/jsp/login.htm" />               
        <intercept-url pattern="/jsp/home*" />
        <intercept-url pattern="/jsp/search*"  />
        <intercept-url pattern="/jsp/errorSearch*"/>
        <form-login login-page="/jsp/login.htm" default-target-url="/jsp/home.htm" login-processing-url="/jsp/j_spring_security_check"/>            
        <logout logout-url="/jsp/j_spring_security_logout" logout-success-url="/jsp/login.htm" />
    </http>


    <ldap-server 
        url="ldap://honts0102.homeoffice.test.com/DC=homeoffice,DC=com" 
        manager-dn="CN=gec-jirasvc,OU=GEC_Service Accounts,OU=Users,OU=GEC,DC=homeoffice,DC=com" 
        manager-password="userpasswd"/>
    <authentication-manager>
        <ldap-authentication-provider
            user-search-filter="(sAMAccountName={0})"
            user-search-base="OU=GEC_Service Accounts,OU=Users,OU=GEC,DC=homeoffice,DC=com">
        </ldap-authentication-provider>
    </authentication-manager>


</beans:beans>

The manager DN I used here is a service account. I am not getting any error at the back end, but the login page is not authenticating the users. I would really appreciate it if anyone could help me resolve this and provide me some way by which I can at least check/set logs for the LDAP server.

Solution

I had the same "error" and I have resolved it with this simple configuration:

<!-- The beans: prefix assumes the namespace declarations of the question's file,
     where the security schema is the default namespace. -->
<beans:bean id="ldapActiveDirectoryAuthProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
    <!-- First argument: the Active Directory domain; second: the LDAP server URL -->
    <beans:constructor-arg value="homeoffice.com" />
    <beans:constructor-arg value="ldap://honts0102.homeoffice.test.com:389/" />
    <beans:property name="useAuthenticationRequestCredentials" value="true" />
    <!-- Turn AD sub-error codes into specific authentication exceptions -->
    <beans:property name="convertSubErrorCodesToExceptions" value="true" />
</beans:bean>

<authentication-manager>
    <authentication-provider ref="ldapActiveDirectoryAuthProvider" />
</authentication-manager>

...

With the property:

<beans:property name="convertSubErrorCodesToExceptions" value="true" />

Spring Security will raise exceptions when the authentication with the LDAP server returns errors, so you can see better where you have errors.
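
To illustrate what that flag surfaces, here is an added example (not part of the original answer and not Spring Security's own code). Active Directory rejects a failed bind with LDAP error 49 and a hex `data` sub-code that names the actual cause. The class name `AdBindErrorTriage`, the wording of the cause table and the sample messages are constructed for illustration.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added example: decode the AD sub-error code from a failed LDAP bind message.
public class AdBindErrorTriage {

    // AD puts the real cause in a hex sub-code after "data" in the error 49 text.
    private static final Pattern SUB_CODE = Pattern.compile("data\\s([0-9a-f]{3,4})");

    // With convertSubErrorCodesToExceptions=true, Spring Security raises a dedicated
    // exception for 532, 533, 701 and 775; the others stay BadCredentialsException.
    private static final Map<String, String> CAUSES = new LinkedHashMap<>();
    static {
        CAUSES.put("525", "user not found");
        CAUSES.put("52e", "invalid credentials");
        CAUSES.put("530", "not permitted to log on at this time");
        CAUSES.put("531", "not permitted to log on at this workstation");
        CAUSES.put("532", "password expired (CredentialsExpiredException)");
        CAUSES.put("533", "account disabled (DisabledException)");
        CAUSES.put("701", "account expired (AccountExpiredException)");
        CAUSES.put("773", "user must reset password");
        CAUSES.put("775", "account locked (LockedException)");
    }

    // Returns "<code>: <cause>", or a fixed marker when no sub-code is present.
    static String explain(String ldapMessage) {
        if (ldapMessage == null) return "no message";
        Matcher m = SUB_CODE.matcher(ldapMessage);
        if (!m.find()) return "no AD sub-error code in message";
        String code = m.group(1);
        return code + ": " + CAUSES.getOrDefault(code, "unmapped sub-error code");
    }

    public static void main(String[] args) {
        // Constructed samples in the shape AD uses for a rejected bind.
        String[] samples = {
            "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]",
            "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1]",
            "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 525, v1db1]"
        };
        for (String s : samples) System.out.println(explain(s));
    }
}
```

Keep this level of detail in server-side logs only; echoing it on the login form tells a client which accounts exist, are disabled or are locked.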

Licensed under: CC-BY-SA with attribution