1 <beans xmlns=
"http://www.springframework.org/schema/beans"
2 xmlns:
security=
"http://www.springframework.org/schema/security"
3 xmlns:
xsi=
"http://www.w3.org/2001/XMLSchema-instance"
4 xsi:
schemaLocation=
"http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
5 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
9 class=
"org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<!-- Resolves the ${argeo.*} placeholders used by the beans below, including the
     LDAP manager DN and password. -->
<!-- SYSTEM_PROPERTIES_MODE_OVERRIDE: a JVM system property with the same name
     takes precedence over the value read from ldap.properties. A secret passed
     as a -D argument is visible in process listings, so
     argeo.ldap.manager.password is better kept in the properties file with
     restrictive file permissions. -->
10 <property name=
"systemPropertiesModeName" value=
"SYSTEM_PROPERTIES_MODE_OVERRIDE" />
<!-- Properties are loaded through the osgibundle: resource prefix.
     NOTE(review): this file supplies the manager credentials; confirm that the
     copy shipped in the bundle or kept in version control holds no real
     secrets. -->
11 <property name=
"locations">
12 <value>osgibundle:ldap.properties
</value>
16 <!-- AUTHENTICATION -->
<!-- Spring Security LDAP authentication provider. Credential verification is
     delegated to ldapAuthenticator (first constructor argument) and role lookup
     to authoritiesPopulator (second constructor argument). -->
17 <bean id=
"ldapAuthenticationProvider"
18 class=
"org.springframework.security.providers.ldap.LdapAuthenticationProvider">
19 <constructor-arg ref=
"ldapAuthenticator" />
20 <constructor-arg ref=
"authoritiesPopulator" />
<!-- jcrLdapSynchronizer is not defined in the visible part of this file; it
     maps the authenticated directory entry to the application's user details.
     NOTE(review): its name suggests it also synchronises the entry to JCR on
     login; confirm what it writes. -->
21 <property name=
"userDetailsContextMapper" ref=
"jcrLdapSynchronizer" />
24 <!-- PasswordComparisonAuthenticator doesn't work with SSHA -->
<!-- Verifies credentials by password comparison instead of binding as the
     user: the submitted password is run through passwordEncoder and checked
     against the configured password attribute over the contextSource
     connection, i.e. with the manager account. That account therefore needs
     access to the password attribute of every user entry, which makes its
     credentials a high-value secret. The commented-out BindAuthenticator
     further down avoids this where the directory server supports it. -->
25 <bean id=
"ldapAuthenticator"
26 class=
"org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
27 <constructor-arg ref=
"contextSource" />
<!-- DN template: {0} is replaced by the submitted login name, giving
     <usernameAttribute>=<login>,<userBase>.
     NOTE(review): confirm that the Spring Security version in use escapes DN
     special characters in the login name before substitution. -->
28 <property name=
"userDnPatterns">
30 <value><![CDATA[${argeo.ldap.usernameAttribute}={
0},${argeo.ldap.userBase}]]
></value>
<!-- Attribute holding the stored password value and the encoder applied to the
     submitted password before comparison; both must match how passwords are
     written by userDetailsManager. -->
33 <property name=
"passwordAttributeName" value=
"${argeo.ldap.passwordAttribute}" />
34 <property name=
"passwordEncoder" ref=
"passwordEncoder" />
37 <!-- Bind authenticator doesn't work with Apache DS 1.0 -->
38 <!-- <bean id="ldapAuthenticator" -->
39 <!-- class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> -->
40 <!-- <constructor-arg ref="contextSource" /> -->
41 <!-- <property name="userDnPatterns"> -->
43 <!-- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value> -->
<!-- Argeo LDAP DAO (project class, not shown here). It is built on the shared
     contextSource, so whatever it reads or writes in the directory is done with
     the manager account's rights.
     NOTE(review): from the bean and class names this looks like the user/group
     administration DAO; confirm which operations it exposes and who may call
     them. -->
49 <bean id=
"userAdminDao" class=
"org.argeo.security.ldap.ArgeoSecurityDaoLdap">
50 <constructor-arg ref=
"contextSource" />
<!-- Same user base and username attribute as ldapAuthenticator's userDnPatterns
     and usernameMapper; they all read the same placeholders, which keeps the
     DN layout consistent across beans. -->
51 <property name=
"userBase" value=
"${argeo.ldap.userBase}" />
52 <property name=
"usernameAttribute" value=
"${argeo.ldap.usernameAttribute}" />
53 <property name=
"groupClasses">
56 <value>${argeo.ldap.groupClass}
</value>
59 <property name=
"groupBase" value=
"${argeo.ldap.groupBase}" />
60 <property name=
"groupRoleAttribute" value=
"${argeo.ldap.groupRoleAttribute}" />
61 <property name=
"groupMemberAttribute" value=
"${argeo.ldap.groupMemberAttribute}" />
<!-- Same defaultRole and rolePrefix placeholders as authoritiesPopulator.
     NOTE(review): presumably defaultRole is attached to every user; confirm it
     carries no administrative privilege. -->
62 <property name=
"defaultRole" value=
"${argeo.security.defaultRole}" />
63 <property name=
"rolePrefix" value=
"${argeo.security.rolePrefix}" />
64 <property name=
"usernameMapper" ref=
"usernameMapper" />
<!-- Builds a user DN from a username: first constructor argument is the user
     base, second is the naming attribute. Both come from the same placeholders
     as ldapAuthenticator's userDnPatterns, so the DN used for authentication
     and the DN used for user management stay in agreement. -->
67 <bean id=
"usernameMapper"
68 class=
"org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
69 <constructor-arg value=
"${argeo.ldap.userBase}" />
70 <constructor-arg value=
"${argeo.ldap.usernameAttribute}" />
<!-- Derives the granted authorities of an authenticated user from LDAP group
     membership, searching under ${argeo.ldap.groupBase} over the shared
     contextSource. Roles come directly from directory data: write access to
     the group entries is equivalent to the right to grant application roles,
     so directory ACLs on the group base should be as strict as the
     application's own role administration. -->
73 <bean id=
"authoritiesPopulator"
74 class=
"org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
75 <constructor-arg ref=
"contextSource" />
76 <constructor-arg value=
"${argeo.ldap.groupBase}" />
<!-- {0} is replaced by the DN of the authenticated user; groups whose member
     attribute contains that DN are returned. -->
77 <property name=
"groupSearchFilter" value=
"${argeo.ldap.groupMemberAttribute}={0}" />
<!-- defaultRole is granted to every user who authenticates, whatever groups
     they belong to; it should map to the least-privileged role. rolePrefix is
     prepended to the role names taken from the groups. -->
78 <property name=
"defaultRole" value=
"${argeo.security.defaultRole}" />
79 <property name=
"rolePrefix" value=
"${argeo.security.rolePrefix}" />
<!-- Argeo user details manager (project class, not shown here), wired to the
     shared contextSource and therefore acting with the manager account's
     directory rights.
     NOTE(review): presumably this bean creates and updates user entries and
     passwords; confirm that its callers are restricted to administrative
     roles. -->
82 <bean id=
"userDetailsManager" class=
"org.argeo.security.ldap.ArgeoLdapUserDetailsManager">
83 <constructor-arg ref=
"contextSource" />
84 <property name=
"groupSearchBase" value=
"${argeo.ldap.groupBase}" />
85 <property name=
"groupMemberAttributeName" value=
"${argeo.ldap.groupMemberAttribute}" />
86 <property name=
"usernameMapper" ref=
"usernameMapper" />
87 <property name=
"userDetailsMapper" ref=
"jcrLdapSynchronizer" />
88 <property name=
"userAdminDao" ref=
"userAdminDao" />
<!-- Same encoder and password attribute as ldapAuthenticator: the format in
     which a password is stored here has to be the format the authenticator
     compares against. -->
89 <property name=
"passwordEncoder" ref=
"passwordEncoder" />
90 <property name=
"passwordAttributeName" value=
"${argeo.ldap.passwordAttribute}" />
93 <!-- LDAP LOW LEVEL -->
<!-- Single LDAP connection factory shared by every bean in this file. The
     provider URL is assembled from placeholders, so argeo.ldap.protocol
     decides whether traffic is plain LDAP or LDAPS. The manager bind and the
     password comparison both travel over this connection; outside of a local
     test directory the deployed value should be ldaps, with the server
     certificate validated through the JVM trust store. -->
94 <bean id=
"contextSource"
95 class=
"org.springframework.security.ldap.DefaultSpringSecurityContextSource">
97 value=
"${argeo.ldap.protocol}://${argeo.ldap.host}:${argeo.ldap.port}/${argeo.ldap.rootdn}" />
<!-- Manager (service) account used for all searches, comparisons and writes.
     Its rights in the directory bound what a compromise of this application
     can do, so it should be a dedicated account limited to the user and group
     subtrees rather than the directory administrator. The password is resolved
     from ldap.properties or from an overriding system property. -->
98 <property name=
"userDn" value=
"${argeo.ldap.manager.userdn}" />
99 <property name=
"password" value=
"${argeo.ldap.manager.password}" />
<!-- General-purpose Spring LDAP template over the shared contextSource; every
     operation issued through it runs as the manager account. -->
102 <bean id=
"ldapTemplate" class=
"org.springframework.ldap.core.LdapTemplate">
103 <constructor-arg ref=
"contextSource" />
<!-- Second LdapTemplate whose context source is a nested bean inheriting from
     contextSource (parent=), so it keeps the same URL and manager credentials
     and overrides only dirObjectFactory. The value given to dirObjectFactory
     is not visible in this listing.
     NOTE(review): per the description below the intent is to get raw
     directory contexts; confirm the override against the complete file. -->
106 <bean id=
"rawLdapTemplate" class=
"org.springframework.ldap.core.LdapTemplate">
107 <description><![CDATA[LDAP template returning raw dir contexts, see http://forum.springsource.org/showthread.php?
55955-Persistent-search-with-spring-ldap]]
></description>
109 <bean parent=
"contextSource">
110 <property name=
"dirObjectFactory">
<!-- Password encoder shared by ldapAuthenticator (comparison at login) and
     userDetailsManager. The class is an Argeo project class, not shown here;
     its name indicates a SHA-based LDAP password scheme. -->
117 <bean id=
"passwordEncoder" class=
"org.argeo.security.ldap.ArgeoLdapShaPasswordEncoder">
<!-- useSalt is read from argeo.ldap.password.useSalt.
     NOTE(review): without a salt, equal passwords produce equal stored values
     and a leaked password attribute is cheap to attack offline. The comment on
     ldapAuthenticator states that PasswordComparisonAuthenticator does not
     work with SSHA, so enabling the salt may require moving to bind
     authentication; verify both together before changing this value. -->
118 <property name=
"useSalt" value=
"${argeo.ldap.password.useSalt}" />