X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fldap%2FArgeoSecurityDaoLdap.java;fp=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fldap%2FArgeoSecurityDaoLdap.java;h=171252848f08dabbb9ab38298a5ddf8c29d0e35e;hb=90c20e8a20aaed36e8a5ff55205737574d7775db;hp=305fe903f9f9cf55f0a81c58ddf8a15f70f664e0;hpb=485359039eae0048c0688f67f2878533a7a32e9c;p=lgpl%2Fargeo-commons.git
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
index 305fe903f..171252848 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
@@ -16,10 +16,10 @@ import org.argeo.security.core.ArgeoUserDetails;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.ldap.core.ContextExecutor;
 import org.springframework.ldap.core.ContextMapper;
-import org.springframework.ldap.core.ContextSource;
 import org.springframework.ldap.core.DirContextAdapter;
 import org.springframework.ldap.core.DistinguishedName;
 import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.ldap.core.support.BaseLdapPathContextSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
@@ -27,9 +27,12 @@ import org.springframework.security.ldap.LdapAuthoritiesPopulator;
 import org.springframework.security.ldap.LdapUsernameToDnMapper;
 import org.springframework.security.ldap.LdapUtils;
 import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
+import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.UserDetailsManager;
+import org.springframework.security.userdetails.UserDetailsService;
 import org.springframework.security.userdetails.ldap.LdapUserDetailsManager;
+import org.springframework.security.userdetails.ldap.LdapUserDetailsService;
 import org.springframework.security.userdetails.ldap.UserDetailsContextMapper;
 public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean {
@@ -46,12 +49,13 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 private String defaultRole = "ROLE_USER";
 private String rolePrefix = "ROLE_";
+ private final BaseLdapPathContextSource contextSource;
 private final LdapTemplate ldapTemplate;
 private LdapUsernameToDnMapper usernameMapper = null;
 private UserDetailsContextMapper userDetailsMapper;
-// private LdapUserDetailsService ldapUserDetailsService;
+ private LdapUserDetailsService ldapUserDetailsService;
 private List userNatureMappers;
 public void afterPropertiesSet() throws Exception {
@@ -83,15 +87,19 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 userDetailsManager = ludm;
 }
-// if (ldapUserDetailsService == null) {
-// ldapUserDetailsService = new LdapUserDetailsService(null,
-// authoritiesPopulator);
-// ldapUserDetailsService.setUserDetailsMapper(userDetailsMapper);
-// }
+ if (ldapUserDetailsService == null) {
+ FilterBasedLdapUserSearch ldapUserSearch = new FilterBasedLdapUserSearch(
+ userBase, "(" + usernameAttributeName + "={0})",
+ contextSource);
+ ldapUserDetailsService = new LdapUserDetailsService(ldapUserSearch,
+ authoritiesPopulator);
+ ldapUserDetailsService.setUserDetailsMapper(userDetailsMapper);
+ }
 }
- public ArgeoSecurityDaoLdap(ContextSource contextSource) {
- ldapTemplate = new LdapTemplate(contextSource);
+ public ArgeoSecurityDaoLdap(BaseLdapPathContextSource contextSource) {
+ this.contextSource = contextSource;
+ ldapTemplate = new LdapTemplate(this.contextSource);
 }
 public void create(ArgeoUser user) {
@@ -279,8 +287,8 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 this.groupClasses = groupClasses;
 }
- public UserDetailsManager getUserDetailsManager() {
- return userDetailsManager;
+ public UserDetailsService getUserDetailsService() {
+ return ldapUserDetailsService;
 }
 }
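Review bot: In `afterPropertiesSet()` the search filter is built as `"(" + usernameAttributeName + "={0})"`, and `usernameAttributeName` is concatenated unchecked, so a misconfigured value containing `(`, `)`, `*` or `=` silently changes which directory entries can match at login. The login name itself stays in the `{0}` placeholder, which is the right way to keep it out of the filter syntax. A fail-fast guard ahead of the `FilterBasedLdapUserSearch` construction would catch this, e.g. `if (usernameAttributeName == null || !usernameAttributeName.matches("[A-Za-z][A-Za-z0-9-]*")) throw new IllegalArgumentException("Invalid usernameAttributeName: " + usernameAttributeName);` (widen the pattern if numeric OIDs are used). The new constructor also stores `contextSource` without a null check, so a missing bean reference would only surface at the first search. The method body starts outside this hunk, so earlier validation may exist that is not visible here.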
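Review bot: `getUserDetailsService()` returns `ldapUserDetailsService`, which in the visible code is only assigned inside `afterPropertiesSet()`, so any caller that reaches the DAO before that callback runs receives `null` and the failure shows up later, at the first authentication attempt. The getter has no Javadoc stating that contract; I would add `/** Read-only user lookup for authentication providers; non-null only after afterPropertiesSet() has run. */`. Handing authentication code a `UserDetailsService` instead of the `UserDetailsManager` narrows what that code can do to lookups, which is worth stating in the commit message, since it is the security-relevant effect of the rename. Removing `getUserDetailsManager()` is also an API break for any bean definition or caller still referencing it; those are outside this diff, so please confirm they were updated.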