+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<projectDescription>
- <name>org.argeo.security.auth</name>
- <comment></comment>
- <projects>
- </projects>
- <buildSpec>
- <buildCommand>
- <name>org.eclipse.pde.ManifestBuilder</name>
- <arguments>
- </arguments>
- </buildCommand>
- <buildCommand>
- <name>org.eclipse.pde.SchemaBuilder</name>
- <arguments>
- </arguments>
- </buildCommand>
- </buildSpec>
- <natures>
- <nature>org.eclipse.pde.PluginNature</nature>
- </natures>
-</projectDescription>
+++ /dev/null
-Manifest-Version: 1.0
-Bundle-ManifestVersion: 2
-Bundle-Name: Manager
-Bundle-SymbolicName: org.argeo.security.auth
-Bundle-Version: 0.3.5.SNAPSHOT
-Bundle-Vendor: Argeo
-Bundle-RequiredExecutionEnvironment: J2SE-1.5
+++ /dev/null
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:security="http://www.springframework.org/schema/security"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
- xsi:schemaLocation="http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
- http://www.springframework.org/schema/security
- http://www.springframework.org/schema/security/spring-security-2.0.4.xsd
- http://www.springframework.org/schema/util
- http://www.springframework.org/schema/util/spring-util-2.5.xsd">
-
- <bean id="argeoDataModel" class="org.argeo.jackrabbit.JackrabbitContainer"
- init-method="init" destroy-method="destroy">
- <description><![CDATA[Make sure that Argeo base data model is registered]]></description>
- <property name="cndFiles">
- <list>
- <value>/org/argeo/jcr/argeo.cnd</value>
- </list>
- </property>
- <property name="repository" ref="nodeRepository" />
- <property name="bundleContext" ref="bundleContext" />
- </bean>
-</beans>
+++ /dev/null
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:security="http://www.springframework.org/schema/security"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
- xsi:schemaLocation="http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
- http://www.springframework.org/schema/security
- http://www.springframework.org/schema/security/spring-security-2.0.4.xsd
- http://www.springframework.org/schema/util
- http://www.springframework.org/schema/util/spring-util-2.5.xsd">
-
- <bean id="jcrLdapSynchronizer" class="org.argeo.security.ldap.jcr.JcrLdapSynchronizer"
- init-method="init" destroy-method="destroy" depends-on="argeoDataModel">
- <!-- LDAP -->
- <property name="usernameAttribute" value="${argeo.ldap.usernameAttribute}" />
- <property name="passwordAttribute" value="${argeo.ldap.passwordAttribute}" />
- <property name="userClasses">
- <list>
- <value>${argeo.ldap.userClass}</value>
- </list>
- </property>
- <property name="passwordEncoder" ref="passwordEncoder" />
- <property name="userBase" value="${argeo.ldap.userBase}" />
- <property name="usernameMapper" ref="usernameMapper" />
- <property name="ldapTemplate" ref="ldapTemplate" />
- <property name="rawLdapTemplate" ref="rawLdapTemplate" />
- <!-- JCR -->
- <property name="repository" ref="nodeRepository" />
- <property name="securityWorkspace" value="${argeo.node.repo.securityWorkspace}" />
- <property name="propertyToAttributes" ref="propertyToAttributes" />
- </bean>
-
- <!-- LDAP / JCR mapping -->
- <util:map id="propertyToAttributes">
- <entry value="cn">
- <key>
- <util:constant static-field="javax.jcr.Property.JCR_TITLE" />
- </key>
- </entry>
- <entry value="description">
- <key>
- <util:constant static-field="javax.jcr.Property.JCR_DESCRIPTION" />
- </key>
- </entry>
- <entry value="givenName">
- <key>
- <util:constant static-field="org.argeo.jcr.ArgeoNames.ARGEO_FIRST_NAME" />
- </key>
- </entry>
- <entry value="sn">
- <key>
- <util:constant static-field="org.argeo.jcr.ArgeoNames.ARGEO_LAST_NAME" />
- </key>
- </entry>
- <entry value="mail">
- <key>
- <util:constant static-field="org.argeo.jcr.ArgeoNames.ARGEO_PRIMARY_EMAIL" />
- </key>
- </entry>
- <entry value="o">
- <key>
- <util:constant static-field="org.argeo.jcr.ArgeoNames.ARGEO_PRIMARY_ORGANIZATION" />
- </key>
- </entry>
- </util:map>
-</beans>
+++ /dev/null
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:security="http://www.springframework.org/schema/security"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
-
-
- <!-- AUTHENTICATION -->
- <bean id="ldapAuthenticationProvider"
- class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
- <constructor-arg ref="ldapAuthenticator" />
- <constructor-arg ref="authoritiesPopulator" />
- <property name="userDetailsContextMapper" ref="jcrLdapSynchronizer" />
- </bean>
-
- <!-- PasswordComparisonAuthenticator doesn't work with SSHA -->
- <bean id="ldapAuthenticator"
- class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
- <constructor-arg ref="contextSource" />
- <property name="userDnPatterns">
- <list>
- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value>
- </list>
- </property>
- <property name="passwordAttributeName" value="${argeo.ldap.passwordAttribute}" />
- <property name="passwordEncoder" ref="passwordEncoder" />
- </bean>
-
- <!-- Bind authenticator doesn't work with Apache DS 1.0 -->
- <!-- <bean id="ldapAuthenticator" -->
- <!-- class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> -->
- <!-- <constructor-arg ref="contextSource" /> -->
- <!-- <property name="userDnPatterns"> -->
- <!-- <list> -->
- <!-- <value><![CDATA[${argeo.ldap.usernameAttribute}={0},${argeo.ldap.userBase}]]></value> -->
- <!-- </list> -->
- <!-- </property> -->
- <!-- </bean> -->
-
- <!-- USER DETAILS -->
- <bean id="ldapUserDetailsService"
- class="org.springframework.security.userdetails.ldap.LdapUserDetailsService">
- <constructor-arg ref="ldapUserSearch" />
- <constructor-arg ref="authoritiesPopulator" />
- <property name="userDetailsMapper" ref="jcrLdapSynchronizer" />
- </bean>
-
- <bean id="ldapUserSearch"
- class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
- <!-- search base -->
- <constructor-arg value="${argeo.ldap.userBase}" />
- <!-- search filter -->
- <constructor-arg value="(${argeo.ldap.usernameAttribute}={0})" />
- <!-- context source -->
- <constructor-arg ref="contextSource" />
- </bean>
-
- <bean id="usernameMapper"
- class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
- <constructor-arg value="${argeo.ldap.userBase}" />
- <constructor-arg value="${argeo.ldap.usernameAttribute}" />
- </bean>
-
- <bean id="authoritiesPopulator"
- class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
- <constructor-arg ref="contextSource" />
- <constructor-arg value="${argeo.ldap.groupBase}" />
- <property name="groupSearchFilter" value="${argeo.ldap.groupMemberAttribute}={0}" />
- <property name="defaultRole" value="${argeo.security.defaultRole}" />
- <property name="rolePrefix" value="${argeo.security.rolePrefix}" />
- </bean>
-
- <!-- LDAP LOW LEVEL -->
- <bean id="contextSource"
- class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
- <constructor-arg
- value="${argeo.ldap.protocol}://${argeo.ldap.host}:${argeo.ldap.port}/${argeo.ldap.rootdn}" />
- <property name="userDn" value="${argeo.ldap.manager.userdn}" />
- <property name="password" value="${argeo.ldap.manager.password}" />
- </bean>
-
- <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
- <constructor-arg ref="contextSource" />
- </bean>
-
- <bean id="rawLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">
- <description><![CDATA[LDAP template returning raw dir contexts, see http://forum.springsource.org/showthread.php?55955-Persistent-search-with-spring-ldap]]></description>
- <constructor-arg>
- <bean parent="contextSource">
- <property name="dirObjectFactory">
- <null />
- </property>
- </bean>
- </constructor-arg>
- </bean>
-
- <bean id="passwordEncoder" class="org.argeo.security.ldap.ArgeoLdapShaPasswordEncoder">
- <property name="useSalt" value="${argeo.ldap.password.useSalt}" />
- </bean>
-</beans>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>\r
-<beans:beans xmlns="http://www.springframework.org/schema/osgi"\r
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"\r
- xsi:schemaLocation="http://www.springframework.org/schema/osgi \r
- http://www.springframework.org/schema/osgi/spring-osgi-1.1.xsd\r
- http://www.springframework.org/schema/beans \r
- http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">\r
-\r
- <!-- REFERENCES -->\r
- <reference id="nodeRepository" interface="javax.jcr.Repository"\r
- filter="(argeo.jcr.repository.alias=node)" />\r
-\r
- <!-- SERVICES -->\r
- <service ref="systemExecutionService" interface="org.argeo.security.SystemExecutionService" />\r
- <service ref="authenticationManager"\r
- interface="org.springframework.security.AuthenticationManager"\r
- context-class-loader="service-provider" />\r
-\r
- <service ref="ldapUserDetailsService"\r
- interface="org.springframework.security.userdetails.UserDetailsService"\r
- context-class-loader="service-provider" />\r
-</beans:beans>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
-
- <!-- COMMON -->
- <bean
- class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
- <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
- <property name="locations">
- <value>osgibundle:auth.properties</value>
- </property>
- </bean>
-
- <!-- SERVICES -->
- <bean id="systemExecutionService" class="org.argeo.security.core.KeyBasedSystemExecutionService">
- <property name="authenticationManager" ref="authenticationManager" />
- <property name="systemAuthenticationKey" value="${argeo.security.systemKey}" />
- </bean>
-
- <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
- <property name="providers">
- <list>
- <ref bean="anonymousAuthenticationProvider" />
- <ref bean="authByAdapterProvider" />
- <ref bean="ldapAuthenticationProvider" />
- </list>
- </property>
- </bean>
-
- <!-- Authentication provider -->
- <bean id="authByAdapterProvider"
- class="org.springframework.security.adapters.AuthByAdapterProvider">
- <description><![CDATA[System authentication]]></description>
- <property name="key" value="${argeo.security.systemKey}" />
- </bean>
-
- <bean id="anonymousAuthenticationProvider"
- class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
- <description><![CDATA[Anonymous authentication]]></description>
- <property name="key" value="${argeo.security.systemKey}" />
- </bean>
-
- <!-- Internal authentication, used by during the general authentication
- initialization himself, in order to prevent the following dependency cycle:
- Repository.login() <= AuthenticationManager <= LdapAuthenticationProvider
- <= Repository.login() in init() -->
- <bean id="internalAuthenticationManager" class="org.springframework.security.providers.ProviderManager">
- <property name="providers">
- <list>
- <ref bean="authByAdapterProvider" />
- </list>
- </property>
- </bean>
-
- <bean
- class="org.argeo.security.core.AuthenticatedApplicationContextInitialization">
- <description><![CDATA[Executes initialization with a system authentication]]></description>
- <property name="authenticationManager" ref="internalAuthenticationManager" />
- </bean>
-</beans>
\ No newline at end of file
+++ /dev/null
-argeo.node.repo.securityWorkspace=security
-
-argeo.security.defaultRole=ROLE_USER
-argeo.security.rolePrefix=ROLE_
-
-argeo.security.systemKey=argeo
-
-argeo.ldap.rootdn=dc=demo,dc=argeo,dc=org
-argeo.ldap.protocol=ldap
-argeo.ldap.host=localhost
-# default are for Apache Directory Server
-argeo.ldap.port=10389
-argeo.ldap.manager.userdn=uid=admin,ou=system
-argeo.ldap.manager.password=secret
-
-# USER
-argeo.ldap.userClass=inetOrgPerson
-argeo.ldap.osUserClass=posixAccount
-argeo.ldap.userBase=ou=People
-argeo.ldap.usernameAttribute=uid
-argeo.ldap.passwordAttribute=userPassword
-# ROLES
-argeo.ldap.groupClass=groupOfNames
-argeo.ldap.groupBase=ou=Roles
-argeo.ldap.groupRoleAttribute=cn
-argeo.ldap.groupMemberAttribute=member
-# OS GROUPS
-argeo.ldap.osGroupClass=posixGroup
-argeo.ldap.osGroupBase=ou=Group
-argeo.ldap.osGroupNameAttribute=cn
-argeo.ldap.osGroupMemberAttribute=memberUid
-
-argeo.ldap.password.useSalt=false
\ No newline at end of file
+++ /dev/null
-source.. = src/main/java/
-output.. = target/classes/
-bin.includes = META-INF/,\
- .
+++ /dev/null
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.argeo.commons.security</groupId>
- <version>0.3.4-SNAPSHOT</version>
- <artifactId>modules</artifactId>
- <relativePath>..</relativePath>
- </parent>
- <artifactId>org.argeo.security.auth</artifactId>
- <name>Commons Security Default Authentication</name>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.felix</groupId>
- <artifactId>maven-bundle-plugin</artifactId>
- <configuration>
- <instructions>
- <Import-Package>
- *,
- org.argeo.jcr,
- com.sun.jndi.ldap;resolution:=optional,
- org.springframework.ldap.core.support,
- org.springframework.security
- </Import-Package>
- </instructions>
- </configuration>
- </plugin>
- </plugins>
- </build>
-</project>
\ No newline at end of file