EDIT [2013.05.03]:Located the exact example I was looking for in the samples in the Spring Security source. Ended up wiring an LdapAuthenticationProvider manually using references for various properties. Then I used authentication-manager, http, and global-method-security as usual. Not my favorite solution, but a decent compromise, if I say so myself. Further side note to anyone who may stumble on this post: The defaults when building the <beans> manually are not the same as the defaults when using <ldap-authentication-provider> and <ldap-server>. You may want to reference the JavaDoc while doing so.
I'm currently attempting to configure Spring Security and seem to have run into a problem, when using SpEL expressions to access beans inside of XML attributes, it appears the SpEL is not being evaluated. Instead, it simply strips the #{ } tags. Is there a way to make this work or is it just not going to work? If so, how would I configure this without using the XSD based configuration? The documentation seems a bit light on how to go about doing that.
I'm currently attempting to configure Spring Security and seem to have run into a problem, when using SpEL expressions to access beans inside of XML attributes, it appears the SpEL is not being evaluated. Instead, it simply strips the #{ } tags. Is there a way to make this work or is it just not going to work? If so, how would I configure this without using the XSD based configuration? The documentation seems a bit light on how to go about doing that.
Code:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.3.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-3.0.xsd">
<jee:jndi-lookup id="ldapUrl" jndi-name="java:comp/env/ldapAuth-ldap-server-url" />
<jee:jndi-lookup id="ldapManagerDn" jndi-name="java:comp/env/ldapAuth-manager-dn" />
<jee:jndi-lookup id="ldapManagerPass" jndi-name="java:comp/env/ldapAuth-manager-password" />
<jee:jndi-lookup id="ldapUserDnPattern" jndi-name="java:comp/env/ldapAuth-user-dn-pattern" />
<jee:jndi-lookup id="ldapGroupSearchBase" jndi-name="java:comp/env/ldapAuth-group-search-base" />
<security:http>
<security:intercept-url pattern="/**" />
<security:http-basic/>
</security:http>
<security:global-method-security>
<security:protect-pointcut
access="ROLE_EJNDI_ADMIN_RO,ROLE_EJNDI_ADMIN_RW"
expression="execution(* com.some.package.ServiceClass.listApplications(..))" />
</security:global-method-security>
<security:ldap-server url="#{ldapUrl}"
manager-dn="#{ldapManagerDn}"
manager-password="#{ldapManagerPass}"
/>
<security:authentication-manager>
<security:ldap-authentication-provider
user-dn-pattern="#{ldapUserDnPattern}"
group-search-base="#{ldapGroupSearchBase}"
/>
</security:authentication-manager>