]> git.argeo.org Git - lgpl/argeo-commons.git/blob - security/modules/org.argeo.security.dao.ldap/META-INF/spring/security-ldap.xml
[maven-release-plugin] prepare for next development iteration
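<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:security="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">

    <!--
        LDAP-backed authentication and user administration.

        Every ${argeo.*} placeholder below is resolved by the placeholder
        configurer in the COMMON section. The bean "jcrLdapSynchronizer" is
        referenced here but not defined in this file, so another context file
        or bundle has to provide it. The "security" prefix is declared on the
        root element but no element in this file uses it.

        NOTE(review): the schema locations pin Spring 2.0 and Spring Security
        2.0.4, an old release line. Check that the deployed libraries still
        receive security fixes.
    -->

    <!-- COMMON -->
    <!--
        Resolves placeholders from ldap.properties in the bundle.
        SYSTEM_PROPERTIES_MODE_OVERRIDE means a JVM system property with the
        same key wins over the file, so host, protocol and the manager
        credentials can all be replaced at launch time. A password supplied
        with -D is visible in the process command line; prefer a properties
        file with restricted permissions for argeo.ldap.manager.password.
    -->
    <bean
        class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
        <property name="locations">
            <value>osgibundle:ldap.properties</value>
        </property>
    </bean>

    <!-- AUTHENTICATION -->
    <!--
        Entry point for LDAP logins: the authenticator checks the credentials,
        the populator loads the granted authorities, and jcrLdapSynchronizer
        maps the directory entry to the user details object.
    -->
    <bean id="ldapAuthenticationProvider"
        class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
        <constructor-arg ref="ldapAuthenticator" />
        <constructor-arg ref="authoritiesPopulator" />
        <property name="userDetailsContextMapper" ref="jcrLdapSynchronizer" />
    </bean>

    <!-- PasswordComparisonAuthenticator doesn't work with SSHA -->
    <!--
        Password comparison runs over the manager connection of contextSource:
        the submitted password is encoded with passwordEncoder and compared
        with the configured password attribute of the user entry. The manager
        account therefore needs access to that attribute, and the encoder has
        to reproduce exactly what the directory stores.

        {0} in the DN pattern is replaced with the submitted login name.
        NOTE(review): confirm that the deployed Spring Security version
        DN-escapes the login name before it is substituted.
    -->
    <bean id="ldapAuthenticator"
        class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
        <constructor-arg ref="contextSource" />
        <property name="userDnPatterns">
            <list>
                <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value>
            </list>
        </property>
        <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" />
        <property name="passwordEncoder" ref="passwordEncoder" />
    </bean>

    <!-- Bind authenticator doesn't work with Apache DS 1.0 -->
    <!--
        Disabled alternative. With bind authentication the directory verifies
        the password itself, so the application needs no access to the
        password attribute and the storage scheme does not matter. Worth
        re-enabling when the target directory supports it.
    -->
    <!-- <bean id="ldapAuthenticator" -->
    <!-- class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> -->
    <!-- <constructor-arg ref="contextSource" /> -->
    <!-- <property name="userDnPatterns"> -->
    <!-- <list> -->
    <!-- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value> -->
    <!-- </list> -->
    <!-- </property> -->
    <!-- </bean> -->

    <!-- USER DETAILS -->
    <!--
        Project-specific user details manager. It shares contextSource, the
        password encoder and the password attribute name with the
        authenticator above, so both sides agree on how a password is stored.
        Presumably this bean also writes user entries, which would require
        write rights for the manager account. TODO confirm against the class.
    -->
    <bean id="userDetailsManager" class="org.argeo.security.ldap.ArgeoLdapUserDetailsManager">
        <constructor-arg ref="contextSource" />
        <property name="groupSearchBase" value="${argeo.ldap.groupBase}" />
        <property name="groupMemberAttributeName" value="${argeo.ldap.groupMemberAttribute}" />
        <property name="usernameMapper" ref="usernameMapper" />
        <property name="userDetailsMapper" ref="jcrLdapSynchronizer" />
        <property name="userAdminDao" ref="userAdminDao" />
        <property name="passwordEncoder" ref="passwordEncoder" />
        <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" />
    </bean>

    <!--
        Project-specific DAO for users and groups (roles), configured with the
        same bases, attributes, default role and role prefix as the
        authorities populator below. Keep the two in sync when changing them.
    -->
    <bean id="userAdminDao" class="org.argeo.security.ldap.ArgeoUserAdminDaoLdap">
        <constructor-arg ref="contextSource" />
        <property name="userBase" value="${argeo.ldap.userBase}" />
        <property name="usernameAttribute" value="${argeo.ldap.usernameAttribute}" />
        <property name="groupClasses">
            <list>
                <value>top</value>
                <value>${argeo.ldap.groupClass}</value>
            </list>
        </property>
        <property name="groupBase" value="${argeo.ldap.groupBase}" />
        <property name="groupRoleAttribute" value="${argeo.ldap.groupRoleAttribute}" />
        <property name="groupMemberAttribute" value="${argeo.ldap.groupMemberAttribute}" />
        <property name="defaultRole" value="${argeo.security.defaultRole}" />
        <property name="rolePrefix" value="${argeo.security.rolePrefix}" />
        <property name="usernameMapper" ref="usernameMapper" />
    </bean>

    <!-- Builds a user DN from the user base and the username attribute. -->
    <bean id="usernameMapper"
        class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
        <constructor-arg value="${argeo.ldap.userBase}" />
        <constructor-arg value="${argeo.ldap.usernameAttribute}" />
    </bean>

    <!--
        Loads authorities by searching the group base for entries whose member
        attribute matches the authenticated user ({0} in the filter).
        defaultRole is granted to every user who authenticates, whatever the
        group search returns, so it should map to a low-privilege role.
    -->
    <bean id="authoritiesPopulator"
        class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
        <constructor-arg ref="contextSource" />
        <constructor-arg value="${argeo.ldap.groupBase}" />
        <property name="groupSearchFilter" value="${argeo.ldap.groupMemberAttribute}={0}" />
        <property name="defaultRole" value="${argeo.security.defaultRole}" />
        <property name="rolePrefix" value="${argeo.security.rolePrefix}" />
    </bean>

    <!-- LDAP LOW LEVEL -->
    <!--
        Single connection factory shared by every bean in this file; it binds
        as the manager account.

        The scheme comes from ${argeo.ldap.protocol}. With plain "ldap" the
        manager bind and the password comparisons travel unencrypted, so use
        "ldaps" unless the directory is reached over a trusted local link.

        Because authentication, group lookup and user administration all use
        this one account, a leak of ${argeo.ldap.manager.password} exposes
        everything those beans can do. Keep the value out of version control
        and grant the account only the rights these beans need.
    -->
    <bean id="contextSource"
        class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <constructor-arg
            value="${argeo.ldap.protocol}://${argeo.ldap.host}:${argeo.ldap.port}/${argeo.ldap.rootdn}" />
        <property name="userDn" value="${argeo.ldap.manager.userdn}" />
        <property name="password" value="${argeo.ldap.manager.password}" />
    </bean>

    <!-- General purpose template on top of contextSource. -->
    <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
        <constructor-arg ref="contextSource" />
    </bean>

    <!--
        Template over a child definition of contextSource: same URL and
        manager credentials, but dirObjectFactory is set to null.
    -->
    <bean id="rawLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">
        <description><![CDATA[LDAP template returning raw dir contexts, see http://forum.springsource.org/showthread.php?55955-Persistent-search-with-spring-ldap]]></description>
        <constructor-arg>
            <bean parent="contextSource">
                <property name="dirObjectFactory">
                    <null />
                </property>
            </bean>
        </constructor-arg>
    </bean>

    <!--
        Project-specific encoder shared by the authenticator and the user
        details manager; salting is switched by ${argeo.ldap.password.useSalt}.
        NOTE(review): the class name suggests a plain SHA digest, which is fast
        to brute force if password attributes ever leak, more so without a
        salt. Also confirm how useSalt=true interacts with the password
        comparison authenticator, whose comment says SSHA does not work.
    -->
    <bean id="passwordEncoder" class="org.argeo.security.ldap.ArgeoLdapShaPasswordEncoder">
        <property name="useSalt" value="${argeo.ldap.password.useSalt}" />
    </bean>
</beans>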