
  • Authentication using LDAP

    Hi.
    I have to authenticate my users by using two LDAP servers.
    In a nutshell, I am looking for my user credentials in two different LDAP data sources ...

    How can I do that ?

    TIA

  • #2
    Configure two ContextSource beans and wire them each to an LdapTemplate bean. Then use the two LdapTemplate beans in your code to search for your user.

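The approach from reply #2, written out with Spring LDAP (2.x or later assumed) as an added example; it is not code from the thread or from the Spring project. The class name, host names, DNs and environment variable names are assumptions. The password is verified by binding as the matched entry, and the user name is escaped before it enters the search filter.

```java
import java.util.List;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.filter.EqualsFilter;

// Added example: class name, hosts, DNs and env variable names are assumptions.
public class TwoDirectoryAuthenticator {
    private final List<LdapTemplate> directories;

    public TwoDirectoryAuthenticator(List<LdapTemplate> directories) {
        this.directories = directories;
    }

    // One ContextSource wired to one LdapTemplate per server, as reply #2 suggests.
    static LdapTemplate directory(String url, String base, String managerDn, String managerPassword) {
        LdapContextSource source = new LdapContextSource();
        source.setUrl(url);
        source.setBase(base);
        source.setUserDn(managerDn);      // account used only for the user search
        source.setPassword(managerPassword);
        source.afterPropertiesSet();      // needed when not created as a Spring bean
        return new LdapTemplate(source);
    }

    public boolean authenticate(String username, String password) {
        // An empty password turns a simple bind into an unauthenticated bind,
        // which many servers accept; reject it before contacting any directory.
        if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        // EqualsFilter escapes filter metacharacters such as * ( ) \ in the user name.
        String filter = new EqualsFilter("uid", username).encode();
        for (LdapTemplate ldap : directories) {
            try {
                // Searches for exactly one entry, then binds as that entry's DN.
                if (ldap.authenticate("", filter, password)) {
                    return true;
                }
            } catch (RuntimeException e) {
                // Directory unreachable or misconfigured: record it, try the next one.
                System.err.println("LDAP lookup failed: " + e.getMessage());
            }
        }
        return false;                     // no directory accepted the credentials
    }

    public static void main(String[] args) {
        // ldaps:// so bind passwords are not sent in clear text.
        TwoDirectoryAuthenticator auth = new TwoDirectoryAuthenticator(List.of(
            directory("ldaps://ldap-a.example.internal:636", "o=EXAMPLE",
                      "cn=search,o=EXAMPLE", System.getenv("LDAP_A_PASSWORD")),
            directory("ldaps://ldap-b.example.internal:636", "o=EXAMPLE",
                      "cn=search,o=EXAMPLE", System.getenv("LDAP_B_PASSWORD"))));
        char[] pw = System.console().readPassword("Password: ");
        System.out.println(auth.authenticate(args[0], new String(pw)));
    }
}
```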


    • #3
      Authentication using LDAP

      Thanks,
      I'll be testing it



      • #4
        Hi.
        I defined my security as:
        <security:authentication-provider>
          <!-- user and role lookup against the server defined below -->
          <security:ldap-user-service
              server-ref="ldapServer"
              group-search-filter="member={0}"
              group-role-attribute="cn"
              user-search-base=""
              user-search-filter="uid={0}"
              group-search-base="" />
          <security:password-encoder hash="plaintext" />
        </security:authentication-provider>

        <!-- directory connection; the manager account performs the searches -->
        <security:ldap-server id="ldapServer"
            url="ldap://ldap-cert:389/o=IEXTRA"
            manager-dn="cn=AdmSeg,ou=RECURSOS,o=IEXTRA"
            manager-password="segurid@d" />

        But when I tried to authenticate, I am able to find the user but Spring returns user not authenticated. Here is the log:

        Principal: 'cn=AdmSeg,ou=RECURSOS,o=IEXTRA'
        - Got Ldap context on server 'ldap://ldap-cert:389/o=IEXTRA'
        - Getting authorities for user cn=C1040001080101, ou=PROVINCIAL, ou=BUNIVERSAL, ou=IFINANCIERAS, ou=ECCII, o=IEXTRA
        - Searching for roles for user C1040001080001, DN = cn=C1040001080101, ou=PROVINCIAL, ou=BUNIVERSAL, ou=IFINANCIERAS, ou=ECCII, o=IEXTRA, with filter member={0} in search base '
        - Using filter: member=cn=C1040001080101, ou=PROVINCIAL, ou=BUNIVERSAL, ou=IFINANCIERAS, ou=ECCII, o=IEXTRA
        - The returnObjFlag of supplied SearchControls is not set but a ContextMapper is used - setting flag to true
        - Principal: 'cn=AdmSeg,ou=RECURSOS,o=IEXTRA'
        - Got Ldap context on server 'ldap://ldap-cert:389/o=IEXTRA'
        - Roles from search: [G_Tramitador_SICAM, G_User_CC_Ext_Reg, G_Usuario_SAP]
        - Mapping user details from context with DN: cn=C1040001080101, ou=PROVINCIAL, ou=BUNIVERSAL, ou=IFINANCIERAS, ou=ECCII, o=IEXTRA
        - Publishing event in context [org.springframework.web.context.support.XmlWebApplicationContext@ff14be]: org.springframework.security.event.authentication.AuthenticationFailureBadCredentialsEvent[source=org.springframework.security.providers.UsernamePasswordAuthenticationToken@1fd5b7ed: Principal: C1040001080001; Password: [PROTECTED]; Authenticated: false; Details: org.springframework.security.ui.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: 08cfceb177a8d8e022505b02944f; Not granted any authorities]
        - Updated SecurityContextHolder to contain null Authentication
        - Authentication request failed: org.springframework.security.BadCredentialsException: Bad credentials
        - SecurityContextHolder now cleared, as request processing completed
        - Converted URL to lowercase, from: '/login.jsp'; to: '/login.jsp'

        See the line "Bad credentials"

        TIA



        • #5
          Hi. I just added those lines to my ApplicationContext:

          <security:authentication-provider>
            <!-- user and role lookup against the server defined below -->
            <security:ldap-user-service
                server-ref="ldapServer"
                group-search-filter="member={0}"
                group-role-attribute="cn"
                user-search-base=""
                user-search-filter="uid={0}"
                group-search-base="" />
            <security:password-encoder hash="plaintext" />
          </security:authentication-provider>

          <!-- directory connection; the manager account performs the searches -->
          <security:ldap-server id="ldapServer"
              url="ldap://ldap-cert:389/o=IEXTRA"
              manager-dn="cn=AdmSeg,ou=RECURSOS,o=IEXTRA"
              manager-password="segurid@d" />


          But I got "Bad credentials" (I am positive that the user I am testing exists). The log is:

          Principal: 'cn=AdmSeg,ou=RECURSOS,o=IEXTRA'
          - Got Ldap context on server 'ldap://ldap-cert:389/o=IEXTRA'
          - Getting authorities for user cn=C1040001080101, ou=PROVINCIAL, ou=BUNIVERSAL, ou=IFINANCIERAS, ou=ECCII, o=IEXTRA
          - Searching for roles for user C1040001080001, DN = cn=C1040001080101, ou=PROVINCIAL, ou=BUNIVERSAL, ou=IFINANCIERAS, ou=ECCII, o=IEXTRA, with filter member={0} in search base '
          - Using filter: member=cn=C1040001080101, ou=PROVINCIAL, ou=BUNIVERSAL, ou=IFINANCIERAS, ou=ECCII, o=IEXTRA
          - The returnObjFlag of supplied SearchControls is not set but a ContextMapper is used - setting flag to true
          - Principal: 'cn=AdmSeg,ou=RECURSOS,o=IEXTRA'
          - Got Ldap context on server 'ldap://ldap-cert:389/o=IEXTRA'
          - Roles from search: [G_Tramitador_SICAM, G_User_CC_Ext_Reg, G_Usuario_SAP]
          - Mapping user details from context with DN: cn=C1040001080101, ou=PROVINCIAL, ou=BUNIVERSAL, ou=IFINANCIERAS, ou=ECCII, o=IEXTRA
          - Publishing event in context [org.springframework.web.context.support.XmlWebApplicationContext@ff14be]: org.springframework.security.event.authentication.AuthenticationFailureBadCredentialsEvent[source=org.springframework.security.providers.UsernamePasswordAuthenticationToken@1fd5b7ed: Principal: C1040001080001; Password: [PROTECTED]; Authenticated: false; Details: org.springframework.security.ui.WebAuthenticationDetails@1c07a: RemoteIpAddress: 127.0.0.1; SessionId: 08cfceb177a8d8e022505b02944f; Not granted any authorities]
          - Updated SecurityContextHolder to contain null Authentication
          - Authentication request failed: org.springframework.security.BadCredentialsException: Bad credentials
          - SecurityContextHolder now cleared, as request processing completed
          - Converted URL to lowercase, from: '/login.jsp'; to: '/login.jsp'
