Page tree
Skip to end of metadata
Go to start of metadata

Table of content


AppFuse 2.1.x + Spring Security 3.x

With AppFuse 2.1.x comes a new version of Spring Security, exactly, the 3.0.4.RELEASE, and the working mode has changed since 2.x. This means that the latest solution to work with LDAP doesn't work.

Here you can find the new approach.

Adding dependencies to the pom.xml

In the pom.xml, add the following dependencies

And the corresponding variable at the end:

Configuring the security.xml file
The default userDao authentication provider

You can comment it to have only one type of authentication, or you can leave it to have a chaining auth, first LDAP and after the userDao validation.

Add the LDAP server

If you don't specify the manager-dn and manager-password the connection will
be anonymous.

The authorization with custom database provider

You need to add the following beans:

With the class CppAuthoritiesUserDetailsServiceImpl you indicates what role have a user. The source code of this class is:

In case of problems... activate the debug

One recommendation, you can configure the log4j.xml file to see what's happening in the spring security environment:

AppFuse 2.0.x + Spring Security 2.x

This part is taken from a thread on the AppFuse user list.

Adding dependencies to the pom.xml

In the pom.xml, add the following dependencies

And the corresponding variable at the end:

Configuring the security.xml file
The default userDao authentication provider

You can comment it to have only one type of authentication, or you can leave it to have a chaining auth, first LDAP and after the userDao validation.

Add the LDAP server

If you don't specify the manager-dn and manager-password the connection will
be anonymous.

The authorization

Configure the binding procedure (how ldap will do the autentication) and the populate procedure (how ldap will do the autorization, with this configuration you need to have a cn property in the LDAP to map the correct roles inside the application).

Database authorization with a custom populator

You can create your custom Populator, in case of you want to have the mapping logic about what role have one user.

LDAP authorization from attribute

You can also be able to authorize one user using an attribute of the LDAP repository:

In case of problems... activate the debug

One recommendation, you can configure the log4j.xml file to see what's happening in the spring security environment:

AppFuse 1.9.4 + Acegi Security

This part is taken from a thread on the AppFuse user list.

Here's what Matt has done in the past to get LDAP working with AppFuse 1.9.4. The same concepts should be applicable to AppFuse 2.0.x.

1. Change the "authenticationManager" bean to use "ldapProvider"
instead of "daoAuthenticationProvider":

2. Added ldapProvider and supporting beans:

3. Change the passwordEncoder bean to be LdapShaPasswordEncoder:

In this example, my ldap.properties (which populates initialDirContextFactory) is set to: