Prepare v0.3.2-SNAPSHOT dev cycle
[lgpl/argeo-commons.git] / security / modules / org.argeo.security.dao.ldap / META-INF / spring / ldap.xml
index 72de115ca04cda85b2b41381d5277b807721748c..33dc554a87de4a0af7891448d5444aedd6a9ba0a 100644 (file)
@@ -13,8 +13,9 @@
                </property>
        </bean>
 
-       <bean id="passwordEncoder"
-               class="org.springframework.security.providers.ldap.authenticator.LdapShaPasswordEncoder" />
+       <bean id="passwordEncoder" class="org.argeo.security.ldap.ArgeoLdapShaPasswordEncoder">
+               <property name="useSalt" value="${argeo.ldap.password.useSalt}" />
+       </bean>
 
        <bean id="contextSource"
                class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <!-- AUTHENTICATION -->
        <bean id="ldapAuthenticationProvider"
                class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
-               <constructor-arg ref="passwordComparisonAuthenticator" />
+               <constructor-arg ref="ldapAuthenticator" />
                <constructor-arg ref="authoritiesPopulator" />
                <property name="userDetailsContextMapper" ref="jcrUserDetailsContextMapper" />
        </bean>
 
-       <bean id="passwordComparisonAuthenticator"
-               class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
+       <bean id="ldapAuthenticator"
+               class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
                <constructor-arg ref="contextSource" />
                <property name="userDnPatterns">
                        <list>
                                <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value>
                        </list>
                </property>
-               <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" />
-               <property name="passwordEncoder" ref="passwordEncoder" />
        </bean>
 
+       <!-- DOESN'T WORK WITH SSHA -->
+       <!-- <bean id="passwordComparisonAuthenticator" -->
+       <!-- class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator"> -->
+       <!-- <constructor-arg ref="contextSource" /> -->
+       <!-- <property name="userDnPatterns"> -->
+       <!-- <list> -->
+       <!-- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value> -->
+       <!-- </list> -->
+       <!-- </property> -->
+       <!-- <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" 
+               /> -->
+       <!-- <property name="passwordEncoder" ref="passwordEncoder" /> -->
+       <!-- </bean> -->
+
        <!-- USER DETAILS -->
-       <bean id="securityDao" class="org.argeo.security.ldap.ArgeoSecurityDaoLdap">
+       <bean id="userAdminDao" class="org.argeo.security.ldap.ArgeoSecurityDaoLdap">
                <constructor-arg ref="contextSource" />
                <property name="userBase" value="${argeo.ldap.userBase}" />
                <property name="usernameAttribute" value="${argeo.ldap.usernameAttribute}" />
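Review bot: Switching `ldapAuthenticator` to `BindAuthenticator` means every login sends the user's cleartext password to the directory in a simple bind, so the connection defined by `contextSource` must be encrypted; its URL is not visible in this hunk, so confirm it uses `ldaps://` or StartTLS. I would record that requirement above the bean, e.g. `<!-- Bind authentication: the directory verifies the password; contextSource must use TLS -->`. The thirteen added lines that keep `passwordComparisonAuthenticator` as commented-out XML are dead configuration. Replace them with a one-line reason (presumably a salted hash cannot be reproduced on the client side for an LDAP compare) and leave the old bean to version history.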
@@ -60,9 +73,7 @@
                <property name="groupMemberAttribute" value="${argeo.ldap.groupMemberAttribute}" />
                <property name="defaultRole" value="${argeo.security.defaultRole}" />
                <property name="rolePrefix" value="${argeo.security.rolePrefix}" />
-               <property name="passwordEncoder" ref="passwordEncoder" />
                <property name="usernameMapper" ref="usernameMapper" />
-               <property name="userDetailsManager" ref="userDetailsManager" />
        </bean>
 
        <bean id="usernameMapper"
                <property name="rolePrefix" value="${argeo.security.rolePrefix}" />
        </bean>
 
-       <bean id="userDetailsManager"
-               class="org.springframework.security.userdetails.ldap.LdapUserDetailsManager">
+       <bean id="userDetailsManager" class="org.argeo.security.ldap.ArgeoLdapUserDetailsManager">
                <constructor-arg ref="contextSource" />
                <property name="groupSearchBase" value="${argeo.ldap.groupBase}" />
                <property name="groupMemberAttributeName" value="${argeo.ldap.groupMemberAttribute}" />
                <property name="usernameMapper" ref="usernameMapper" />
                <property name="userDetailsMapper" ref="jcrUserDetailsContextMapper" />
+               <property name="userAdminDao" ref="userAdminDao" />
+               <property name="passwordEncoder" ref="passwordEncoder" />
+               <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" />
        </bean>
-
-       <!-- <bean id="userDetailsService" -->
-       <!-- class="org.springframework.security.userdetails.ldap.LdapUserDetailsManager"> -->
-       <!-- <constructor-arg> -->
-       <!-- <bean -->
-       <!-- class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> -->
-       <!-- <constructor-arg value="${argeo.ldap.userBase}" /> -->
-       <!-- <constructor-arg value="(${argeo.ldap.usernameAttribute}={0})" /> -->
-       <!-- <constructor-arg ref="contextSource" /> -->
-       <!-- </bean> -->
-       <!-- </constructor-arg> -->
-       <!-- <constructor-arg ref="authoritiesPopulator" /> -->
-       <!-- <property name="userDetailsMapper" ref="jcrUserDetailsContextMapper" 
-               /> -->
-       <!-- </bean> -->
 </beans>
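Review bot: `userDetailsManager` now receives `passwordEncoder` and `passwordAttributeName`, so it presumably writes the password attribute itself, which makes the stored hash format depend on `${argeo.ldap.password.useSalt}` on the encoder bean earlier in the file. If that property resolves to `false`, new passwords would be stored as unsalted SHA digests, which offer little protection if directory entries are ever read; even salted, a single SHA round is a fast hash. State the expectation next to the new property, e.g. `<!-- passwords are encoded and written by this bean; keep argeo.ldap.password.useSalt=true -->`. `ArgeoLdapUserDetailsManager` and `ArgeoLdapShaPasswordEncoder` are not visible here, so the write path and the algorithm are inferred from the property and class names.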