<!-- Root of the Spring bean definitions for LDAP-backed authentication.
     The schemaLocation pairs name spring-beans 2.0 and spring-security 2.0.4.
     NOTE(review): the schema version suggests a Spring Security 2.0.x
     deployment; confirm the library actually deployed still receives
     security fixes. -->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                           http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
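<!-- Resolves the ${...} placeholders used by the beans in this file.
     Values come from ldap.properties, loaded through the osgibundle:
     resource prefix. -->
<bean
    class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
    <!-- OVERRIDE mode: a JVM system property with the same key takes
         precedence over the value in ldap.properties. Whoever can set system
         properties for this JVM can therefore change every argeo.ldap.* and
         argeo.security.* setting below, including the directory host that
         receives user passwords. Restrict who controls the launch
         configuration accordingly. -->
    <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
    <property name="locations">
        <value>osgibundle:ldap.properties</value>
    </property>
</bean>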
16 <!-- AUTHENTICATION -->
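<!-- Authentication provider backed by the directory.
     First argument: the authenticator that verifies the submitted credentials.
     Second argument: the populator that loads the user's granted authorities. -->
<bean id="ldapAuthenticationProvider"
    class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
    <constructor-arg ref="ldapAuthenticator" />
    <constructor-arg ref="authoritiesPopulator" />
    <!-- Maps the authenticated LDAP entry to the user details object.
         "jcrLdapSynchronizer" is not defined in the visible part of this
         file. -->
    <property name="userDetailsContextMapper" ref="jcrLdapSynchronizer" />
</bean>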
24 <!-- PasswordComparisonAuthenticator doesn't work with SSHA -->
25 <!-- <bean id="ldapAuthenticator" -->
26 <!-- class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator"> -->
27 <!-- <constructor-arg ref="contextSource" /> -->
28 <!-- <property name="userDnPatterns"> -->
30 <!-- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value> -->
33 <!-- <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" /> -->
34 <!-- <property name="passwordEncoder" ref="passwordEncoder" /> -->
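<!-- Bind authenticator doesn't work with Apache DS 1.0 -->
<!-- Active authenticator. A login is checked by binding to the directory as
     the user's own DN with the submitted password, so the directory server
     performs the password verification and this bean does not read the stored
     password attribute. The submitted password travels over the connection
     defined by "contextSource"; the URL scheme configured there decides
     whether it is protected in transit. -->
<bean id="ldapAuthenticator"
    class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
    <constructor-arg ref="contextSource" />
    <property name="userDnPatterns">
        <!-- NOTE(review): the list wrapper is restored from the gap in this
             listing's line numbering; confirm against the original file.
             It keeps the comma-containing DN pattern as one array element
             instead of letting Spring's String[] conversion split it on
             commas. -->
        <list>
            <!-- {0} is replaced by the submitted user name.
                 NOTE(review): confirm that the deployed Spring Security
                 version escapes DN special characters in the user name before
                 substitution. -->
            <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value>
        </list>
    </property>
</bean>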
49 <!-- <bean id="userDetailsManager" class="org.argeo.security.ldap.ArgeoLdapUserDetailsManager"> -->
50 <!-- <constructor-arg ref="contextSource" /> -->
51 <!-- <property name="groupSearchBase" value="${argeo.ldap.groupBase}" /> -->
52 <!-- <property name="groupMemberAttributeName" value="${argeo.ldap.groupMemberAttribute}" /> -->
53 <!-- <property name="usernameMapper" ref="usernameMapper" /> -->
54 <!-- <property name="userDetailsMapper" ref="jcrLdapSynchronizer" /> -->
55 <!-- <property name="userAdminDao" ref="userAdminDao" /> -->
56 <!-- <property name="passwordEncoder" ref="passwordEncoder" /> -->
57 <!-- <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" /> -->
58 <!-- <property name="superUsername" value="${argeo.security.superUsername}" /> -->
61 <!-- <bean id="userAdminDao" class="org.argeo.security.ldap.ArgeoUserAdminDaoLdap"> -->
62 <!-- <constructor-arg ref="contextSource" /> -->
63 <!-- <property name="userBase" value="${argeo.ldap.userBase}" /> -->
64 <!-- <property name="usernameAttribute" value="${argeo.ldap.usernameAttribute}" /> -->
65 <!-- <property name="groupClasses"> -->
67 <!-- <value>top</value> -->
68 <!-- <value>${argeo.ldap.groupClass}</value> -->
71 <!-- <property name="groupBase" value="${argeo.ldap.groupBase}" /> -->
72 <!-- <property name="groupRoleAttribute" value="${argeo.ldap.groupRoleAttribute}" /> -->
73 <!-- <property name="groupMemberAttribute" value="${argeo.ldap.groupMemberAttribute}" /> -->
74 <!-- <property name="defaultRole" value="${argeo.security.defaultRole}" /> -->
75 <!-- <property name="rolePrefix" value="${argeo.security.rolePrefix}" /> -->
76 <!-- <property name="usernameMapper" ref="usernameMapper" /> -->
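<!-- Builds a user's DN from a user name. First argument: the base DN under
     which users live. Second argument: the naming attribute.
     In the visible part of this file it is referenced only by the
     commented-out userDetailsManager and userAdminDao definitions. -->
<bean id="usernameMapper"
    class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
    <constructor-arg value="${argeo.ldap.userBase}" />
    <constructor-arg value="${argeo.ldap.usernameAttribute}" />
</bean>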
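<!-- Derives a user's roles from directory groups found under
     ${argeo.ldap.groupBase}. The search uses "contextSource", which has no
     manager DN or password enabled in this file.
     NOTE(review): the group search therefore presumably runs as an anonymous
     bind; confirm the directory limits anonymous read access to what this
     search needs. -->
<bean id="authoritiesPopulator"
    class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
    <constructor-arg ref="contextSource" />
    <constructor-arg value="${argeo.ldap.groupBase}" />
    <!-- {0} is replaced by the DN of the authenticated user. -->
    <property name="groupSearchFilter" value="${argeo.ldap.groupMemberAttribute}={0}" />
    <!-- Granted to every user who authenticates, whatever their group
         membership; keep the configured role low-privilege. -->
    <property name="defaultRole" value="${argeo.security.defaultRole}" />
    <!-- Prefix put in front of each group-derived role name. -->
    <property name="rolePrefix" value="${argeo.security.rolePrefix}" />
</bean>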
94 <!-- LDAP LOW LEVEL -->
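<!-- Connection settings shared by every LDAP bean in this file. -->
<bean id="contextSource"
    class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <!-- Provider URL. The scheme comes from ${argeo.ldap.protocol}. The bind
         authenticator sends user passwords over this connection, so outside a
         test setup the property should resolve to ldaps, or the transport
         should be protected by other means. -->
    <constructor-arg
        value="${argeo.ldap.protocol}://${argeo.ldap.host}:${argeo.ldap.port}/${argeo.ldap.rootdn}" />
    <!-- Manager credentials are disabled: no manager DN or password is set on
         this context source. If they are re-enabled, the password is read
         from the placeholder sources (ldap.properties or system properties),
         which must then be readable only by the service account. -->
    <!-- <property name="userDn" value="${argeo.ldap.manager.userdn}" /> -->
    <!-- <property name="password" value="${argeo.ldap.manager.password}" /> -->
</bean>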
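<!-- Spring LDAP template operating on the shared "contextSource". -->
<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
    <constructor-arg ref="contextSource" />
</bean>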
<!-- Second LdapTemplate. Its context source is an inner bean declared with
     parent="contextSource", so it inherits that definition (same URL, same
     absence of manager credentials) and overrides only dirObjectFactory.
     NOTE(review): the overriding value is not visible in this listing. The
     description says the template returns raw directory contexts; confirm. -->
107 <bean id=
"rawLdapTemplate" class=
"org.springframework.ldap.core.LdapTemplate">
108 <description><![CDATA[LDAP template returning raw dir contexts, see http://forum.springsource.org/showthread.php?
55955-Persistent-search-with-spring-ldap]]
></description>
110 <bean parent=
"contextSource">
111 <property name=
"dirObjectFactory">
118 <bean id=
"passwordEncoder" class=
"org.argeo.security.ldap.ArgeoLdapShaPasswordEncoder">
119 <property name=
"useSalt" value=
"${argeo.ldap.password.useSalt}" />