1 <beans xmlns=
"http://www.springframework.org/schema/beans"
2 xmlns:
security=
"http://www.springframework.org/schema/security"
3 xmlns:
xsi=
"http://www.w3.org/2001/XMLSchema-instance"
4 xsi:
schemaLocation=
"http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
5 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
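<!-- AUTHENTICATION -->
<!--
  Authentication provider for LDAP logins. The credential check is delegated
  to the ldapAuthenticator bean and the granted authorities come from the
  authoritiesPopulator bean. jcrLdapSynchronizer is not defined in the
  visible part of this file; it is used here as the mapper between the LDAP
  entry and the user details object.
-->
<bean id="ldapAuthenticationProvider"
  class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
  <constructor-arg ref="ldapAuthenticator" />
  <constructor-arg ref="authoritiesPopulator" />
  <property name="userDetailsContextMapper" ref="jcrLdapSynchronizer" />
</bean>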
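<!-- PasswordComparisonAuthenticator doesn't work with SSHA -->
<!--
  Password-comparison authentication: the submitted password is checked
  against the ${argeo.ldap.passwordAttribute} attribute of the user entry
  over the connection supplied by contextSource, i.e. with the manager
  account rather than with the user's own bind.

  Security notes:
  - The manager account therefore needs read or compare access to the
    password attribute. Restrict that right to this account in the directory
    ACLs and protect the manager credentials accordingly.
  - Stored values are produced by the passwordEncoder bean; whether they are
    salted depends on ${argeo.ldap.password.useSalt}.
  - {0} in the DN pattern is replaced by the login name.
    NOTE(review): confirm that the Spring Security version on the classpath
    escapes DN special characters before substitution, or validate login
    names before they reach this bean.
-->
<bean id="ldapAuthenticator"
  class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
  <constructor-arg ref="contextSource" />
  <!-- userDnPatterns is an array property; the pattern is wrapped in a list
       so that its commas are not treated as separators between patterns. -->
  <property name="userDnPatterns">
    <list>
      <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value>
    </list>
  </property>
  <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" />
  <property name="passwordEncoder" ref="passwordEncoder" />
</bean>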
29 <!-- Bind authenticator doesn't work with Apache DS 1.0 -->
30 <!-- <bean id="ldapAuthenticator" -->
31 <!-- class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> -->
32 <!-- <constructor-arg ref="contextSource" /> -->
33 <!-- <property name="userDnPatterns"> -->
35 <!-- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value> -->
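<!--
  Looks a user up by name through ldapUserSearch and attaches the authorities
  computed by authoritiesPopulator. No password is checked on this path, so
  callers must only use it for users that were authenticated by other means.
-->
<bean id="ldapUserDetailsService"
  class="org.springframework.security.userdetails.ldap.LdapUserDetailsService">
  <constructor-arg ref="ldapUserSearch" />
  <constructor-arg ref="authoritiesPopulator" />
  <property name="userDetailsMapper" ref="jcrLdapSynchronizer" />
</bean>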
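<!--
  Filter-based user lookup below ${argeo.ldap.userBase}. The search runs on
  the connection from contextSource, i.e. with the manager credentials.
  NOTE(review): {0} in the filter is replaced by the login name; confirm that
  the Spring Security / Spring LDAP version in use escapes LDAP filter
  metacharacters before substitution, or validate login names upstream.
-->
<bean id="ldapUserSearch"
  class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <!-- search base -->
  <constructor-arg value="${argeo.ldap.userBase}" />
  <!-- search filter -->
  <constructor-arg value="(${argeo.ldap.usernameAttribute}={0})" />
  <!-- context source -->
  <constructor-arg ref="contextSource" />
</bean>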
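<!--
  Maps a login name to a DN: first argument is the user base, second the
  naming attribute. Both come from the same placeholders as the
  userDnPatterns of ldapAuthenticator, so the two stay consistent.
-->
<bean id="usernameMapper"
  class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
  <constructor-arg value="${argeo.ldap.userBase}" />
  <constructor-arg value="${argeo.ldap.usernameAttribute}" />
</bean>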
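<!--
  Derives granted authorities from group entries below
  ${argeo.ldap.groupBase}. In groupSearchFilter, {0} is the DN of the
  authenticated user.

  Security notes:
  - defaultRole is granted to every user who authenticates, whatever groups
    the user belongs to. Keep ${argeo.security.defaultRole} mapped to the
    least privileged role of the application.
  - Group membership is read over the contextSource connection; write access
    to the group subtree is equivalent to the right to grant roles and
    should be limited in the directory ACLs.
-->
<bean id="authoritiesPopulator"
  class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
  <constructor-arg ref="contextSource" />
  <constructor-arg value="${argeo.ldap.groupBase}" />
  <property name="groupSearchFilter" value="${argeo.ldap.groupMemberAttribute}={0}" />
  <property name="defaultRole" value="${argeo.security.defaultRole}" />
  <property name="rolePrefix" value="${argeo.security.rolePrefix}" />
</bean>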
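<!-- LDAP LOW LEVEL -->
<!--
  Connection to the directory, shared by every LDAP bean in this file.

  Security notes:
  - ${argeo.ldap.protocol} decides whether traffic is encrypted. With plain
    ldap the manager password and the user passwords being compared cross
    the network in clear text; use ldaps (or an otherwise protected channel)
    outside of local development.
  - ${argeo.ldap.manager.password} is resolved from external properties.
    Keep that file out of version control and readable only by the service
    account.
  - The manager DN should be a dedicated account limited to the reads and
    compares these beans need, not the directory administrator.
-->
<bean id="contextSource"
  class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <!-- provider URL -->
  <constructor-arg
    value="${argeo.ldap.protocol}://${argeo.ldap.host}:${argeo.ldap.port}/${argeo.ldap.rootdn}" />
  <property name="userDn" value="${argeo.ldap.manager.userdn}" />
  <property name="password" value="${argeo.ldap.manager.password}" />
</bean>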
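<!--
  General purpose LDAP template on the shared contextSource. Every operation
  issued through it runs with the manager credentials configured there.
-->
<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
  <constructor-arg ref="contextSource" />
</bean>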
<!--
  Second LdapTemplate, described below as returning raw dir contexts. Its
  inner bean inherits the contextSource definition through the parent
  attribute, so it connects with the same URL, manager DN and password.
  NOTE(review): the listing does not show the element that wraps the inner
  bean, nor the value given to dirObjectFactory; confirm both against the
  original file.
-->
86 <bean id=
"rawLdapTemplate" class=
"org.springframework.ldap.core.LdapTemplate">
87 <description><![CDATA[LDAP template returning raw dir contexts, see http://forum.springsource.org/showthread.php?
55955-Persistent-search-with-spring-ldap]]
></description>
89 <bean parent=
"contextSource">
90 <property name=
"dirObjectFactory">
<!--
  Project-specific password encoder, referenced by ldapAuthenticator.
  NOTE(review): the class name suggests SHA-family digests; confirm the
  algorithm and how salts are generated and stored. With
  ${argeo.ldap.password.useSalt} set to false, identical passwords would
  presumably produce identical stored values, and an unsalted single-pass
  digest gives little protection if directory data is disclosed; prefer
  running with salting enabled.
-->
97 <bean id=
"passwordEncoder" class=
"org.argeo.security.ldap.ArgeoLdapShaPasswordEncoder">
98 <property name=
"useSalt" value=
"${argeo.ldap.password.useSalt}" />