Announcement Announcement Module
Collapse
No announcement yet.
Ldap configuration mapping Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ldap configuration mapping

    Hello,
    I have the following configuration from an apache server. I do not know how to map this information to an applicationContext-Security.xml

    <Location /xxx/>
    Order allow,deny
    Allow from all

    AuthType Basic
    AuthBasicProvider ldap
    AuthName "Use your xxxx LDAP credentials"

    AuthzLDAPAuthoritative On
    AuthLdapUrl ldap://ldap02.thedomain.com:389/o=thecompany,c=de?uid?sub?(objectClass=*)

    Require ldap-group cn=thecompanyGroup,o=thecompany,c=com </Location>


    <Location /xxx/yyy>

    DAV svn

    SVNParentPath /xxx/yyy/zzzzzzzz/data/apache-ttttt-svn/repos/asdf/

    # read/write access
    <Limit OPTIONS PROPFIND GET REPORT>
    Require ldap-group cn=thecompanyGroup,o=thecompany,c=com
    </Limit>

    # read-only access
    <Limit MKACTIVITY PROPPATCH PUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE>
    Require valid-user
    </Limit>
    </Location>

    I just need to authenticate users against the LDAP server, but I quite confused, since I do not know much about them and moreover I do not have a full working example of applicationContext-security.xml from spring security 3. I have read the manual and I am still confused.
    I am quite new to LDAP so the following question might sound stupid: Do I need to create/implement a class in my project in order to authenticate users? Or is it just a question of configuration the applicationContext-Security.xml and adding spring security jars.
    And, what is that objectClass=* thing? Please don´t laugh…

    David

  • #2
    And, what is that objectClass=* thing?
    It is an LDAP search expression that is used to match all the LDAP entries. If you want to learn LDAP and search expressions, I recommend this online reference: http://www.zytrax.com/books/ldap

    Do I need to create/implement a class in my project in order to authenticate users? Or is it just a question of configuration the applicationContext-Security.xml and adding spring security jars.
    With Spring Security, you probabily wouldn't need a custom class for authentication. Spring Security comes with a sample application that you can download from http://repo2.maven.org/maven2/org/sp...3.0.3.RELEASE/ The file name is spring-security-samples-ldap-3.0.3.RELEASE.war

    If you are not using Spring Security in your application and all you need is simple authentication, then Spring LDAP is what you would need. Look at this chapter from Spring LDAP documentation: http://static.springsource.org/sprin...ntication.html

    Also, look at the java.net article http://today.java.net/pub/a/today/20...de-simple.html for a quick introduction to Spring LDAP

    HTH

    Comment

    Working...
    X