http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
+ <bean
+ class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+ <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
+ <property name="ignoreUnresolvablePlaceholders" value="true" />
+ <property name="locations">
+ <value>osgibundle:ldap.properties
+ </value>
+ </property>
+ </bean>
+
<bean id="_authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
</property>
</bean>
- <!--
- <security:ldap-server
- url="ldap://localhost:10389/dc=demo,dc=argeo,dc=org"
- manager-dn="uid=admin,ou=system" manager-password="secret" />
-
- <security:ldap-authentication-provider
- user-details-class="inetOrgPerson" user-dn-pattern="uid={0},ou=users"
- group-search-base="ou=groups"> <security:password-compare hash="{sha}"
- /> </security:ldap-authentication-provider>
- -->
-
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
- <constructor-arg value="ldap://localhost:10389/dc=demo,dc=argeo,dc=org" />
- <property name="userDn" value="uid=admin,ou=system" />
- <property name="password" value="secret" />
+ <constructor-arg
+ value="ldap://${argeo.ldap.host}:${argeo.ldap.port}/${argeo.ldap.rootdn}" />
+ <property name="userDn" value="${argeo.ldap.manager.userdn}" />
+ <property name="password" value="${argeo.ldap.manager.password}" />
</bean>
<bean id="authenticationProvider"
class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
+ <constructor-arg ref="ldapAuthenticator" />
<constructor-arg>
- <bean
- class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
- <constructor-arg ref="contextSource" />
- <property name="userDnPatterns">
- <list>
- <value>uid={0},ou=users</value>
- </list>
- </property>
- <property name="passwordEncoder">
- <bean
- class="org.springframework.security.providers.ldap.authenticator.LdapShaPasswordEncoder"></bean>
- </property>
- </bean>
+ <bean factory-bean="securityDao" factory-method="getAuthoritiesPopulator" />
</constructor-arg>
- <constructor-arg ref="authoritiesPopulator" />
- <property name="userDetailsContextMapper" ref="userDetailsMapper" />
+ <property name="userDetailsContextMapper">
+ <bean factory-bean="securityDao" factory-method="getUserDetailsMapper" />
+ </property>
</bean>
- <bean id="authoritiesPopulator"
- class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
+ <bean id="securityDao" class="org.argeo.security.ldap.ArgeoSecurityDaoLdap">
<constructor-arg ref="contextSource" />
- <constructor-arg value="ou=groups" />
- <!-- <property name="defaultRole" value="ROLE_USER" /> -->
- <property name="groupSearchFilter" value="uniqueMember={0}" />
+ <property name="userNatureMappers" ref="userNatureMappers" />
</bean>
- <bean id="userDetailsManager"
- class="org.springframework.security.userdetails.ldap.LdapUserDetailsManager">
+ <bean id="ldapAuthenticator"
+ class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
<constructor-arg ref="contextSource" />
- <property name="userDetailsMapper" ref="userDetailsMapper" />
- <property name="groupSearchBase" value="ou=groups" />
- <property name="usernameMapper">
- <bean
- class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
- <constructor-arg value="ou=users" />
- <constructor-arg value="uid" />
- </bean>
- </property>
- </bean>
-
- <bean id="userDetailsMapper" class="org.argeo.security.ldap.ArgeoUserDetailsContextMapper">
- <property name="userNatureMappers">
+ <property name="userDnPatterns">
<list>
- <bean class="org.argeo.security.ldap.SimpleUserNatureMapper" />
- <bean class="org.argeo.security.ldap.CoworkerUserNatureMapper" />
+ <value>uid={0},ou=users</value>
</list>
</property>
+ <property name="passwordEncoder">
+ <bean
+ class="org.springframework.security.providers.ldap.authenticator.LdapShaPasswordEncoder" />
+ </property>
</bean>
+
+
+ <!--
+ <bean id="authoritiesPopulator"
+ class="org.argeo.security.ldap.ArgeoLdapAuthoritiesPopulator">
+ <constructor-arg ref="contextSource" /> <constructor-arg
+ value="ou=groups" /> <property name="defaultRole" value="ROLE_USER" />
+ <property name="groupSearchFilter" value="uniqueMember={0}" /> </bean>
+
+ <bean id="userDetailsManager"
+ class="org.springframework.security.userdetails.ldap.LdapUserDetailsManager">
+ <constructor-arg ref="contextSource" /> <property
+ name="userDetailsMapper" ref="userDetailsMapper" /> <property
+ name="groupSearchBase" value="ou=groups" /> <property
+ name="usernameMapper"> <bean
+ class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
+ <constructor-arg value="ou=users" /> <constructor-arg value="uid" />
+ </bean> </property> </bean> <bean id="userDetailsMapper"
+ class="org.argeo.security.ldap.ArgeoUserDetailsContextMapper">
+ <property name="userNatureMappers" ref="userNatureMappers" /> </bean>
+ -->
</beans>