EDIT [2013.05.03]:Located the exact example I was looking for in the samples in the Spring Security source. Ended up wiring an LdapAuthenticationProvider manually using references for various properties. Then I used authentication-manager, http, and global-method-security as usual. Not my favorite solution, but a decent compromise, if I say so myself. Further side note to anyone who may stumble on this post: The defaults when building the <beans> manually are not the same as the defaults when using <ldap-authentication-provider> and <ldap-server>. You may want to reference the JavaDoc while doing so.
I'm currently attempting to configure Spring Security and seem to have run into a problem, when using SpEL expressions to access beans inside of XML attributes, it appears the SpEL is not being evaluated. Instead, it simply strips the #{ } tags. Is there a way to make this work or is it just not going to work? If so, how would I configure this without using the XSD based configuration? The documentation seems a bit light on how to go about doing that.
I'm currently attempting to configure Spring Security and seem to have run into a problem, when using SpEL expressions to access beans inside of XML attributes, it appears the SpEL is not being evaluated. Instead, it simply strips the #{ } tags. Is there a way to make this work or is it just not going to work? If so, how would I configure this without using the XSD based configuration? The documentation seems a bit light on how to go about doing that.
Code:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xmlns:security="http://www.springframework.org/schema/security" xmlns:jee="http://www.springframework.org/schema/jee" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.3.xsd http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-3.0.xsd"> <jee:jndi-lookup id="ldapUrl" jndi-name="java:comp/env/ldapAuth-ldap-server-url" /> <jee:jndi-lookup id="ldapManagerDn" jndi-name="java:comp/env/ldapAuth-manager-dn" /> <jee:jndi-lookup id="ldapManagerPass" jndi-name="java:comp/env/ldapAuth-manager-password" /> <jee:jndi-lookup id="ldapUserDnPattern" jndi-name="java:comp/env/ldapAuth-user-dn-pattern" /> <jee:jndi-lookup id="ldapGroupSearchBase" jndi-name="java:comp/env/ldapAuth-group-search-base" /> <security:http> <security:intercept-url pattern="/**" /> <security:http-basic/> </security:http> <security:global-method-security> <security:protect-pointcut access="ROLE_EJNDI_ADMIN_RO,ROLE_EJNDI_ADMIN_RW" expression="execution(* com.some.package.ServiceClass.listApplications(..))" /> </security:global-method-security> <security:ldap-server url="#{ldapUrl}" manager-dn="#{ldapManagerDn}" manager-password="#{ldapManagerPass}" /> <security:authentication-manager> <security:ldap-authentication-provider user-dn-pattern="#{ldapUserDnPattern}" group-search-base="#{ldapGroupSearchBase}" /> </security:authentication-manager>