+++ /dev/null
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:security="http://www.springframework.org/schema/security"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
-
- <!-- COMMON -->
- <bean
- class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
- <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
- <property name="locations">
- <value>osgibundle:ldap.properties</value>
- </property>
- </bean>
-
- <!-- AUTHENTICATION -->
- <bean id="ldapAuthenticationProvider"
- class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
- <constructor-arg ref="ldapAuthenticator" />
- <constructor-arg ref="authoritiesPopulator" />
- <property name="userDetailsContextMapper" ref="jcrLdapSynchronizer" />
- </bean>
-
- <!-- PasswordComparisonAuthenticator doesn't work with SSHA -->
- <!-- <bean id="ldapAuthenticator" -->
- <!-- class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator"> -->
- <!-- <constructor-arg ref="contextSource" /> -->
- <!-- <property name="userDnPatterns"> -->
- <!-- <list> -->
- <!-- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value> -->
- <!-- </list> -->
- <!-- </property> -->
- <!-- <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}"
- /> -->
- <!-- <property name="passwordEncoder" ref="passwordEncoder" /> -->
- <!-- </bean> -->
-
- <!-- Bind authenticator doesn't work with Apache DS 1.0 -->
- <bean id="ldapAuthenticator"
- class="org.springframework.security.ldap.authentication.BindAuthenticator">
- <constructor-arg ref="contextSource" />
- <property name="userDnPatterns">
- <list>
- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value>
- </list>
- </property>
- </bean>
-
- <!-- USER DETAILS -->
- <!-- <bean id="userDetailsManager" class="org.argeo.security.ldap.ArgeoLdapUserDetailsManager"> -->
- <!-- <constructor-arg ref="contextSource" /> -->
- <!-- <property name="groupSearchBase" value="${argeo.ldap.groupBase}" /> -->
- <!-- <property name="groupMemberAttributeName" value="${argeo.ldap.groupMemberAttribute}"
- /> -->
- <!-- <property name="usernameMapper" ref="usernameMapper" /> -->
- <!-- <property name="userDetailsMapper" ref="jcrLdapSynchronizer" /> -->
- <!-- <property name="userAdminDao" ref="userAdminDao" /> -->
- <!-- <property name="passwordEncoder" ref="passwordEncoder" /> -->
- <!-- <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}"
- /> -->
- <!-- <property name="superUsername" value="${argeo.security.superUsername}"
- /> -->
- <!-- </bean> -->
-
- <!-- <bean id="userAdminDao" class="org.argeo.security.ldap.ArgeoUserAdminDaoLdap"> -->
- <!-- <constructor-arg ref="contextSource" /> -->
- <!-- <property name="userBase" value="${argeo.ldap.userBase}" /> -->
- <!-- <property name="usernameAttribute" value="${argeo.ldap.usernameAttribute}"
- /> -->
- <!-- <property name="groupClasses"> -->
- <!-- <list> -->
- <!-- <value>top</value> -->
- <!-- <value>${argeo.ldap.groupClass}</value> -->
- <!-- </list> -->
- <!-- </property> -->
- <!-- <property name="groupBase" value="${argeo.ldap.groupBase}" /> -->
- <!-- <property name="groupRoleAttribute" value="${argeo.ldap.groupRoleAttribute}"
- /> -->
- <!-- <property name="groupMemberAttribute" value="${argeo.ldap.groupMemberAttribute}"
- /> -->
- <!-- <property name="defaultRole" value="${argeo.security.defaultRole}"
- /> -->
- <!-- <property name="rolePrefix" value="${argeo.security.rolePrefix}" /> -->
- <!-- <property name="usernameMapper" ref="usernameMapper" /> -->
- <!-- </bean> -->
-
- <bean id="usernameMapper"
- class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
- <constructor-arg value="${argeo.ldap.userBase}" />
- <constructor-arg value="${argeo.ldap.usernameAttribute}" />
- </bean>
-
- <bean id="authoritiesPopulator"
- class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
- <constructor-arg ref="contextSource" />
- <constructor-arg value="${argeo.ldap.groupBase}" />
- <property name="groupSearchFilter" value="${argeo.ldap.groupMemberAttribute}={0}" />
- <property name="defaultRole" value="${argeo.security.defaultRole}" />
- <property name="rolePrefix" value="${argeo.security.rolePrefix}" />
- </bean>
-
- <!-- LDAP LOW LEVEL -->
- <bean id="contextSource"
- class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
- <constructor-arg
- value="${argeo.ldap.protocol}://${argeo.ldap.host}:${argeo.ldap.port}/${argeo.ldap.rootdn}" />
- <!-- <property name="userDn" value="${argeo.ldap.manager.userdn}" /> -->
- <!-- <property name="password" value="${argeo.ldap.manager.password}" /> -->
- </bean>
-
- <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
- <constructor-arg ref="contextSource" />
- </bean>
-
- <bean id="rawLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">
- <description><![CDATA[LDAP template returning raw dir contexts, see http://forum.springsource.org/showthread.php?55955-Persistent-search-with-spring-ldap]]></description>
- <constructor-arg>
- <bean parent="contextSource">
- <property name="dirObjectFactory">
- <null />
- </property>
- </bean>
- </constructor-arg>
- </bean>
-
- <bean id="passwordEncoder" class="org.argeo.security.ldap.ArgeoLdapShaPasswordEncoder">
- <property name="useSalt" value="${argeo.ldap.password.useSalt}" />
- </bean>
-</beans>