+/*
+ * Copyright (C) 2010 Mathieu Baudier <mbaudier@argeo.org>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
package org.argeo.security.ldap;
import static org.argeo.security.core.ArgeoUserDetails.createSimpleArgeoUser;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.ldap.core.ContextExecutor;
import org.springframework.ldap.core.ContextMapper;
-import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.ldap.core.support.BaseLdapPathContextSource;
import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
import org.springframework.security.ldap.LdapUsernameToDnMapper;
import org.springframework.security.ldap.LdapUtils;
import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
+import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsManager;
+import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.ldap.LdapUserDetailsManager;
+import org.springframework.security.userdetails.ldap.LdapUserDetailsService;
import org.springframework.security.userdetails.ldap.UserDetailsContextMapper;
public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean {
private String defaultRole = "ROLE_USER";
private String rolePrefix = "ROLE_";
+ private final BaseLdapPathContextSource contextSource;
private final LdapTemplate ldapTemplate;
private LdapUsernameToDnMapper usernameMapper = null;
private UserDetailsContextMapper userDetailsMapper;
-// private LdapUserDetailsService ldapUserDetailsService;
+ private LdapUserDetailsService ldapUserDetailsService;
private List<UserNatureMapper> userNatureMappers;
public void afterPropertiesSet() throws Exception {
userDetailsManager = ludm;
}
-// if (ldapUserDetailsService == null) {
-// ldapUserDetailsService = new LdapUserDetailsService(null,
-// authoritiesPopulator);
-// ldapUserDetailsService.setUserDetailsMapper(userDetailsMapper);
-// }
+ if (ldapUserDetailsService == null) {
+ FilterBasedLdapUserSearch ldapUserSearch = new FilterBasedLdapUserSearch(
+ userBase, "(" + usernameAttributeName + "={0})",
+ contextSource);
+ ldapUserDetailsService = new LdapUserDetailsService(ldapUserSearch,
+ authoritiesPopulator);
+ ldapUserDetailsService.setUserDetailsMapper(userDetailsMapper);
+ }
}
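Review bot: The filter passed to the new `FilterBasedLdapUserSearch` is built by concatenating `usernameAttributeName`, and nothing visible in this hunk checks that the property is set, so an unset value would yield a filter like `(null={0})` that fails only at the first lookup. The login name itself goes through the `{0}` placeholder, which is the right place for it; I would record that above the constructor call with `// username is bound through {0} by the search; usernameAttributeName must come from trusted configuration only`. A guard before the block would fail fast: `if (usernameAttributeName == null) throw new IllegalArgumentException("usernameAttributeName is required");`. The search is also left at its default scope, and whether `setSearchSubtree(true)` is needed depends on the directory layout, which is not shown here. `afterPropertiesSet` begins outside this hunk, so an earlier check may already exist.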
- public ArgeoSecurityDaoLdap(ContextSource contextSource) {
- ldapTemplate = new LdapTemplate(contextSource);
+ public ArgeoSecurityDaoLdap(BaseLdapPathContextSource contextSource) {
+ this.contextSource = contextSource;
+ ldapTemplate = new LdapTemplate(this.contextSource);
}
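Review bot: The constructor stores `contextSource` and hands it to `LdapTemplate` without a null check, so a miswired bean surfaces only when the source is first used rather than at construction. A guard as the first statement would fail fast: `if (contextSource == null) throw new IllegalArgumentException("contextSource is required");`. Narrowing the parameter from `ContextSource` to `BaseLdapPathContextSource` also changes the public signature, so existing wiring must supply a context source of that type.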
public void create(ArgeoUser user) {
this.groupClasses = groupClasses;
}
- public UserDetailsManager getUserDetailsManager() {
- return userDetailsManager;
+ public UserDetailsService getUserDetailsService() {
+ return ldapUserDetailsService;
}
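Review bot: `getUserDetailsService()` returns `ldapUserDetailsService`, which as far as this diff shows is assigned only in `afterPropertiesSet()`, so a caller that reads it before initialization gets null, and the accessor has no Javadoc saying so. I would add `/** Read-only user lookup backed by the LDAP search; available once afterPropertiesSet() has run. */`. Replacing `getUserDetailsManager()` narrows what is handed out from a manager that can modify users to a lookup-only service, which is a sensible reduction. Any caller of the old getter outside this diff will no longer compile.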
}