
  • Ldap + oc4j

    Hi all,
    I'm trying to integrate Spring Security into my application. We use LDAP for authentication.
    This is my applicationContext-security.xml:

    Code:
    <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:s="http://www.springframework.org/schema/security"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
        <!-- Spring Security 2.0 context: URL access rules in s:http, plus an LDAP
             bind-authentication provider wired as plain beans. Nothing in this file
             references OC4J's jazn-data.xml; users and roles are looked up in the
             LDAP directory only. -->
        <s:http>
            <!-- Patterns are matched in the order listed and the first match wins.
                 /secure/extreme/** carries the same access value as /secure/**, so as
                 written the first rule adds nothing. -->
            <s:intercept-url pattern="/secure/extreme/**" access="IS_AUTHENTICATED_FULLY"/>
            <s:intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_FULLY" />
            <!-- Everything outside /secure/** is reachable without logging in. -->
            <s:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
            <s:form-login />
            <s:anonymous />
            <s:logout />
        </s:http>
        <!-- Simple namespace-based configuration -->
        <!-- The namespace elements below are commented out, so this file neither starts an
             embedded LDAP server nor declares a namespace-based LDAP provider. -->
        <!--<s:ldap-server ldif="classpath:users.ldif" port="33389"/>-->
         <!--<ldap-server url="ldap://springframework.org:389/dc=config,dc=org" />-->
        <!--<s:ldap-authentication-provider
            group-search-filter="member={0}" 
            group-search-base="ou=groups"
            user-search-base="ou=people"
            user-search-filter="uid={0}"
        />-->
    
        <!-- Traditional Bean version of the same configuration -->
        
        <!-- LDAP connection shared by the authenticator, the user search and the authorities populator.
             NOTE(review): the s:ldap-server element that would start an embedded server on port 33389
             is commented out above, so a directory must already be listening on that port.
             The ldap:// scheme is unencrypted and BindAuthenticator sends the user's password over
             this connection; that is tolerable on loopback, use ldaps:// (or StartTLS) for a remote
             directory. No userDn/password is set here, so searches presumably run as an anonymous
             bind; confirm the directory permits that. -->
        <bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
            <constructor-arg value="ldap://localhost:33389/dc=springframework,dc=org"/>
        </bean>
    
        <!-- Authentication provider: the first constructor argument verifies the password,
             the second loads the user's roles. -->
        <bean id="secondLdapProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
            <!-- Registers this bean with the authentication manager created by the security namespace. -->
            <s:custom-authentication-provider />
    		<constructor-arg>
    			<!-- Authenticates by binding to the directory as the user with the submitted password. -->
    			<bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
    				<constructor-arg ref="contextSource" />
    				<property name="userSearch">
    					<!-- Locates the user's entry under ou=people with filter (uid={0}),
    					     where {0} is the login name; the bind then uses that entry's DN. -->
    					<bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
    					  <constructor-arg index="0" value="ou=people"/>
    					  <constructor-arg index="1" value="(uid={0})"/>
    					  <constructor-arg index="2" ref="contextSource" />
    					</bean>				
    				</property>
    			</bean>
    		</constructor-arg>
    		<constructor-arg>
    			<!-- Roles come from entries under ou=groups (searched as a subtree) whose member
    			     attribute holds the user's DN ({0}). Each resulting role name is upper-cased
    			     and prefixed with ROLE_. -->
    			<bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
    				<constructor-arg ref="contextSource" />
    				<constructor-arg value="ou=groups" />
    				<property name="groupSearchFilter" value="(member={0})"/>
    				<property name="rolePrefix" value="ROLE_"/>
    				<property name="searchSubtree" value="true"/>
    				<property name="convertToUpperCase" value="true"/>
    			</bean>
    		</constructor-arg>
        </bean>
    
    </beans>
    I want to read a file named jazn-data.xml (which points to system-jazn-data.xml), located in the config folder of my local OC4J. Here's an example:

    jazn-data.xml
    Code:
    <?xml version="1.0" encoding="UTF-8" standalone='yes'?>
    
    <jazn 
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-10_0.xsd"
      schema-major-version="10"
      schema-minor-version="0"
      provider="XML" 
      location="./system-jazn-data.xml" 
      default-realm="jazn.com">
            <!-- OC4J (JAZN) security provider settings. provider="XML" together with
                 location="./system-jazn-data.xml" presumably makes the container read users and
                 roles from that file, with jazn.com as the default realm; confirm against the
                 OC4J documentation. This file is container configuration: an application only
                 sees it if it authenticates through the container. -->
            <!-- properties to configure the 3rd party IDM framework -->
            <!-- The identity token is collected from the HTTP cookie named ORA_OC4J_SSO.
                 NOTE(review): a cookie-borne SSO token should only travel over HTTPS; the
                 transport settings are not part of this file. -->
    	<property name="idm.authentication.name" value="JavaSSO" />
    	<property name="idm.token.asserter.class" value="oracle.security.jazn.sso.SSOCookieTokenAsserter" />
    	<property name="idm.token.collector.class" value="oracle.security.jazn.sso.SSOCookieTokenCollector" />
    	<property name="idm.token.type" value="HTTP_COOKIE" />
    	<property name="idm.token.collector.cookie.1" value="ORA_OC4J_SSO" />
    
            <!-- properties for the out of the box Java SSO -->
            <!-- custom.sso.key.alias holds only an alias name; the key material itself is not in this file. -->
    	<property name="custom.sso.url.login" value="/jsso/SSOLogin" />
    	<property name="custom.sso.url.logout" value="/jsso/SSOLogout" />
    	<property name="custom.sso.key.alias" value="ssoSymmetricKey" />
    </jazn>
    system-jazn-data.xml
    Code:
    <?xml version="1.0" encoding="UTF-8" standalone='yes'?>
    <jazn-data
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-data-10_0.xsd"
      schema-major-version="10"
      schema-minor-version="0"
    >
    <!-- User and role store for the jazn.com realm: three users (anonymous is deactivated)
         and one role, ADUI_AGEA_REGI, whose members are foo and oc4jadmin. -->
    <!-- JAZN Realm Data -->
    <jazn-realm>
    	<realm>
    		<name>jazn.com</name>
    		<users>
    			<!-- NOTE(review): the credentials elements below are the stored password values of
    			     oc4jadmin and foo, copied verbatim from a server config. Replace them with a
    			     placeholder before sharing the file and reset both passwords. The {903} prefix
    			     presumably marks OC4J's obfuscated storage form; do not rely on it to keep the
    			     password secret (confirm against the OC4J security guide). -->
    			<user deactivated="true">
    				<name>anonymous</name>
    				<guid>CE9A6391081A11DEBFDEDDF9516FE547</guid>
    				<description>The default guest/anonymous user</description>
    			</user>
    			<user>
    				<name>oc4jadmin</name>
    				<display-name>OC4J Administrator</display-name>
    				<guid>CEA18F80081A11DEBFDEDDF9516FE547</guid>
    				<description>OC4J Administrator</description>
    				<!-- Stored credential of the container administrator account. -->
    				<credentials>{903}abRhAPmRNYuNFrX7bEWDB2PC70lMTJt9JO9aJpTeVLY=</credentials>
    			</user>
    			<user>
    				<name>foo</name>
    				<display-name>foo</display-name>
    				<guid>F5FBC6B25A5211DEBFD8110F7FF3AE09</guid>
    				<description>Sample user for UDDI publishing.</description>
    				<credentials>{903}G0Ibge2t93FDIxxLS0qBZOdHdCE7TrlQqLwpvrRxWL8=</credentials>
    			</user>
    		</users>
    		<roles>
    			<!-- The only role in this realm; membership is listed by user name. -->
    			<role>
    				<name>ADUI_AGEA_REGI</name>
    				<display-name>ADUI_AGEA_REGI</display-name>
    				<description>ADUI_AGEA_REGI</description>
    				<guid>F5FBC6B45A5211DEBFD8110F7FF3AE09</guid>
    				<members>
    					<member>
    						<type>user</type>
    						<name>foo</name>
    					</member>
    					<member>
    						<type>user</type>
    						<name>oc4jadmin</name>
    					</member>
    				</members>
    			</role>
    					</roles>
    	</realm>
    </jazn-realm>
    
    </jazn-data>
    The application doesn't load the users and roles from my XML file. Can somebody help me?
    Thanks

  • #2
    I'm not really sure what you're asking - why do you expect the application to load that file?

    Spring Security doesn't know anything about what container you are running in and won't do anything container-specific out of the box. You are using a DefaultLdapAuthoritiesPopulator, which will load roles from the LDAP directory.

    If you want to authenticate via your container, and just use Spring Security for authorization, then read the information on pre-authentication in the manual and in previous posts in this forum.
