<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
<list>
- <value>uid={0},ou=users</value>
+ <value>uid={0},ou=People</value>
</list>
</property>
<property name="passwordEncoder">
class="org.springframework.security.providers.ldap.authenticator.LdapShaPasswordEncoder" />
</property>
</bean>
-
-
- <!--
- <bean id="authoritiesPopulator"
- class="org.argeo.security.ldap.ArgeoLdapAuthoritiesPopulator">
- <constructor-arg ref="contextSource" /> <constructor-arg
- value="ou=groups" /> <property name="defaultRole" value="ROLE_USER" />
- <property name="groupSearchFilter" value="uniqueMember={0}" /> </bean>
-
- <bean id="userDetailsManager"
- class="org.springframework.security.userdetails.ldap.LdapUserDetailsManager">
- <constructor-arg ref="contextSource" /> <property
- name="userDetailsMapper" ref="userDetailsMapper" /> <property
- name="groupSearchBase" value="ou=groups" /> <property
- name="usernameMapper"> <bean
- class="org.springframework.security.ldap.DefaultLdapUsernameToDnMapper">
- <constructor-arg value="ou=users" /> <constructor-arg value="uid" />
- </bean> </property> </bean> <bean id="userDetailsMapper"
- class="org.argeo.security.ldap.ArgeoUserDetailsContextMapper">
- <property name="userNatureMappers" ref="userNatureMappers" /> </bean>
- -->
</beans>
private UserDetailsManager userDetailsManager;
private LdapAuthoritiesPopulator authoritiesPopulator;
- private String userBase = "ou=users";
+ private String userBase = "ou=People";
private String usernameAttributeName = "uid";
- private String groupBase = "ou=groups";
+ private String groupBase = "ou=Roles";
+ private String[] groupClasses = { "top", "groupOfNames" };
private String groupRoleAttributeName = "cn";
- private String groupMemberAttributeName = "uniquemember";
+ private String groupMemberAttributeName = "member";
private String defaultRole = "ROLE_USER";
private String rolePrefix = "ROLE_";
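Review bot: The changed defaults for `userBase`, `groupBase` and `groupMemberAttributeName` alter behaviour for any deployment that relied on the old values without setting them explicitly, and nothing in this hunk documents that. Against a directory still laid out as `ou=users` / `ou=groups` with `uniquemember`, lookups built from these fields would presumably stop matching, so users could silently end up with only `defaultRole`. The new `groupClasses` field and `groupMemberAttributeName` also have to agree with each other (`groupOfNames` with `member`, `groupOfUniqueNames` with `uniqueMember`), which deserves a field comment such as `// must be the membership attribute allowed by the structural class in groupClasses`. The class declaration and the remaining fields are outside the hunk.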
Name groupDn = buildGroupDn(group);
DirContextAdapter context = new DirContextAdapter();
- context.setAttributeValues("objectClass", new String[] { "top",
- "groupOfUniqueNames" });
+ context.setAttributeValues("objectClass", groupClasses);
context.setAttributeValue("cn", group);
// Add superuser because cannot create empty group
- context.setAttributeValue("uniqueMember", superuserDn.toString());
+ context.setAttributeValue(groupMemberAttributeName, superuserDn
+ .toString());
ldapTemplate.bind(groupDn, context, null);
}
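Review bot: The naming attribute is still hard-coded in `context.setAttributeValue("cn", group);`, although the class has a `groupRoleAttributeName` field and this change makes the object classes and the member attribute configurable. If `buildGroupDn` (not visible here) derives the RDN from `groupRoleAttributeName`, a non-default value would give an entry whose RDN attribute is missing from its attribute set; `context.setAttributeValue(groupRoleAttributeName, group);` keeps the two aligned. The superuser DN is also written as the initial member of every group created on this path, so that account holds every role created here. The existing comment gives the schema reason, and it is worth extending to say so for anyone auditing role membership. The method starts above the hunk.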
public String getDefaultRole() {
return defaultRole;
}
+
+ public void setGroupClasses(String[] groupClasses) {
+ this.groupClasses = groupClasses;
+ }
}
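Review bot: `setGroupClasses` stores the caller's array as-is, so a later modification of that array changes the `objectClass` values written for new groups, and a null or empty array only fails later at bind time. A guard plus a copy is enough: `if (groupClasses == null || groupClasses.length == 0) throw new IllegalArgumentException("groupClasses must not be empty");` followed by `this.groupClasses = groupClasses.clone();`. A one-line Javadoc stating that the list must contain a structural class that permits `groupMemberAttributeName` would help whoever configures the bean.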
objectClass: top
dc: demo
-dn: ou=groups,dc=demo,dc=argeo,dc=org
+dn: ou=Roles,dc=demo,dc=argeo,dc=org
objectClass: organizationalUnit
objectClass: top
-ou: groups
+ou: Roles
-dn: ou=users,dc=demo,dc=argeo,dc=org
+dn: ou=People,dc=demo,dc=argeo,dc=org
objectClass: organizationalUnit
objectClass: top
-ou: users
+ou: People
-dn: uid=demo,ou=users,dc=demo,dc=argeo,dc=org
+dn: uid=demo,ou=People,dc=demo,dc=argeo,dc=org
objectClass: organizationalPerson
objectClass: person
objectClass: inetOrgPerson
uid: demo
userpassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
-dn: uid=root,ou=users,dc=demo,dc=argeo,dc=org
+dn: uid=root,ou=People,dc=demo,dc=argeo,dc=org
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
uid: root
userpassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
-dn: cn=admin,ou=groups,dc=demo,dc=argeo,dc=org
-objectClass: groupOfUniqueNames
+dn: cn=admin,ou=Roles,dc=demo,dc=argeo,dc=org
+objectClass: groupOfNames
objectClass: top
cn: admin
-uniquemember: uid=root,ou=users,dc=demo,dc=argeo,dc=org
+member: uid=root,ou=People,dc=demo,dc=argeo,dc=org