</property>
</bean>
- <bean id="passwordEncoder"
- class="org.springframework.security.providers.ldap.authenticator.LdapShaPasswordEncoder" />
+ <bean id="passwordEncoder" class="org.argeo.security.ldap.ArgeoLdapShaPasswordEncoder">
+ <property name="useSalt" value="${argeo.ldap.password.useSalt}" />
+ </bean>
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<!-- AUTHENTICATION -->
<bean id="ldapAuthenticationProvider"
class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
- <constructor-arg ref="passwordComparisonAuthenticator" />
+ <constructor-arg ref="ldapAuthenticator" />
<constructor-arg ref="authoritiesPopulator" />
<property name="userDetailsContextMapper" ref="jcrUserDetailsContextMapper" />
</bean>
- <bean id="passwordComparisonAuthenticator"
+<!-- <bean id="ldapAuthenticator" -->
+<!-- class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> -->
+<!-- <constructor-arg ref="contextSource" /> -->
+<!-- <property name="userDnPatterns"> -->
+<!-- <list> -->
+<!-- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value> -->
+<!-- </list> -->
+<!-- </property> -->
+<!-- </bean> -->
+
+ <!-- PasswordComparisonAuthenticator doesn't work with SSHA -->
+ <bean id="ldapAuthenticator"
class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
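Review bot: The comment added above the `ldapAuthenticator` bean says PasswordComparisonAuthenticator doesn't work with SSHA, yet that class is the one left active while the BindAuthenticator definition is commented out, and the new `passwordEncoder` bean exposes `useSalt` as a deployment property. As written, setting `argeo.ldap.password.useSalt` to true would presumably break logins, so this wiring only works with unsalted SHA digests, which are far weaker if the directory's password attribute is ever disclosed. I would either make the bind-based definition the active one or state the constraint in the comment, e.g. `<!-- Compare authentication requires argeo.ldap.password.useSalt=false; switch to the BindAuthenticator definition for SSHA -->`, and delete the commented-out bean rather than keep it as dead XML. The bean's body continues outside the hunk, so whether it is given `passwordEncoder` is not visible here.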
</bean>
<!-- USER DETAILS -->
- <bean id="securityDao" class="org.argeo.security.ldap.ArgeoSecurityDaoLdap">
+ <bean id="userAdminDao" class="org.argeo.security.ldap.ArgeoSecurityDaoLdap">
<constructor-arg ref="contextSource" />
<property name="userBase" value="${argeo.ldap.userBase}" />
<property name="usernameAttribute" value="${argeo.ldap.usernameAttribute}" />
<property name="groupMemberAttribute" value="${argeo.ldap.groupMemberAttribute}" />
<property name="defaultRole" value="${argeo.security.defaultRole}" />
<property name="rolePrefix" value="${argeo.security.rolePrefix}" />
- <property name="passwordEncoder" ref="passwordEncoder" />
<property name="usernameMapper" ref="usernameMapper" />
- <property name="userDetailsManager" ref="userDetailsManager" />
</bean>
<bean id="usernameMapper"
<property name="rolePrefix" value="${argeo.security.rolePrefix}" />
</bean>
- <bean id="userDetailsManager"
- class="org.springframework.security.userdetails.ldap.LdapUserDetailsManager">
+ <bean id="userDetailsManager" class="org.argeo.security.ldap.ArgeoLdapUserDetailsManager">
<constructor-arg ref="contextSource" />
<property name="groupSearchBase" value="${argeo.ldap.groupBase}" />
<property name="groupMemberAttributeName" value="${argeo.ldap.groupMemberAttribute}" />
<property name="usernameMapper" ref="usernameMapper" />
<property name="userDetailsMapper" ref="jcrUserDetailsContextMapper" />
+ <property name="userAdminDao" ref="userAdminDao" />
+ <property name="passwordEncoder" ref="passwordEncoder" />
+ <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" />
</bean>
-
- <!-- <bean id="userDetailsService" -->
- <!-- class="org.springframework.security.userdetails.ldap.LdapUserDetailsManager"> -->
- <!-- <constructor-arg> -->
- <!-- <bean -->
- <!-- class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> -->
- <!-- <constructor-arg value="${argeo.ldap.userBase}" /> -->
- <!-- <constructor-arg value="(${argeo.ldap.usernameAttribute}={0})" /> -->
- <!-- <constructor-arg ref="contextSource" /> -->
- <!-- </bean> -->
- <!-- </constructor-arg> -->
- <!-- <constructor-arg ref="authoritiesPopulator" /> -->
- <!-- <property name="userDetailsMapper" ref="jcrUserDetailsContextMapper"
- /> -->
- <!-- </bean> -->
</beans>