Announcement Announcement Module
No announcement yet.
authenticating with LDAP but not authorizing with it Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • authenticating with LDAP but not authorizing with it

    If roles aren't stored in LDAP, but in a different place,
    let's say for now a database, what are the plug in points
    in Acegi that I need to look at to extend it so GrantedAuthorities
    can be filled with the correct data?


  • #2
    I'm not sure about the rest of it; but currently you will need to set the value of the defaultRole property, otherwise the LdapPasswordAuthenticationDao will throw an exception. I am thinking about adding a boolean flag to all users to override this behavior; but I'm not sure how this would affect the contract of the loadUserByUsernameAndPassword() method.


    • #3
      Perhaps try a PasswordAuthenticationDao that wraps the existing LdapPasswordAuthenticationDao. Go to LdapPasswordAuthenticationDao for credential and profile information, then decorate the UserDetails with GrantedAuthority information from another location. Alternatively, an extension point can be added to LdapPasswordAuthenticationDao to enable subclasses to customise GrantedAuthority[] population.