Announcement Announcement Module
No announcement yet.
ldap Spring security authenticate on multiple values Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • ldap Spring security authenticate on multiple values

    Is it possible to authenticate based on uid and AD groups to define a user's role(s)?

    If so, can you please provide some guidance on what is required?


  • #2
    bump -- does anyone know if this is possible?


    • #3

      I guess I am not really sure what you mean, since you're talking about two different concepts. Authentication deals with user identification (is the user identifiable as a valid user). Authorization deals with user roles (what does the user have access to). These are handled by two separate concerns using any type of security provider. Can you provide a specific example of what you are trying to do? The standard Spr Sec LDAP classes do support flexible methods of authentication (finding the user in LDAP / Active Directory) and authorization (figuring out what groups they belong to), but you can always extend the standard classes to do what you need, if you want.



      • #4
        Peter, thanks for the response.

        What I'm trying to do is authenticate a user using the Spring 3 Kerberos extension and then grant them authorization based on Ldap groups / principal names.

        I would like to define which principal names / Ldap groups get which particular role within the <security:user-service> section of the context.xml.

        Any guidance you (or anyone) can provide would be greatly appreciated. Thanks again for your help.