LDAP authentication
authorMathieu Baudier <mbaudier@argeo.org>
Wed, 16 Sep 2009 18:36:07 +0000 (18:36 +0000)
committerMathieu Baudier <mbaudier@argeo.org>
Wed, 16 Sep 2009 18:36:07 +0000 (18:36 +0000)
git-svn-id: https://svn.argeo.org/commons/trunk@2940 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

13 files changed:
security/demo/.classpath [new file with mode: 0644]
security/demo/.project [new file with mode: 0644]
security/demo/.settings/org.eclipse.jdt.core.prefs [new file with mode: 0644]
security/demo/.settings/org.maven.ide.eclipse.prefs [new file with mode: 0644]
security/demo/org.argeo.security.demo.log4j/log4j.properties
security/demo/pom.xml
security/modules/org.argeo.security.webapp/META-INF/MANIFEST.MF
security/modules/org.argeo.security.webapp/WEB-INF/applicationContext.xml
security/modules/org.argeo.security.webapp/WEB-INF/ldap.xml [new file with mode: 0644]
security/modules/org.argeo.security.webapp/WEB-INF/security.xml
security/runtime/org.argeo.security.core/pom.xml
server/modules/org.argeo.server.ads.server/META-INF/MANIFEST.MF [new file with mode: 0644]
server/modules/org.argeo.server.ads.server/META-INF/spring/ads.xml [new file with mode: 0644]

diff --git a/security/demo/.classpath b/security/demo/.classpath
new file mode 100644 (file)
index 0000000..d0bec0f
--- /dev/null
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+       <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5"/>
+       <classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER"/>
+       <classpathentry kind="output" path="target/classes"/>
+</classpath>
diff --git a/security/demo/.project b/security/demo/.project
new file mode 100644 (file)
index 0000000..170a236
--- /dev/null
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+       <name>org.argeo.commons.security.demo</name>
+       <comment></comment>
+       <projects>
+       </projects>
+       <buildSpec>
+               <buildCommand>
+                       <name>org.eclipse.jdt.core.javabuilder</name>
+                       <arguments>
+                       </arguments>
+               </buildCommand>
+               <buildCommand>
+                       <name>org.maven.ide.eclipse.maven2Builder</name>
+                       <arguments>
+                       </arguments>
+               </buildCommand>
+       </buildSpec>
+       <natures>
+               <nature>org.maven.ide.eclipse.maven2Nature</nature>
+               <nature>org.eclipse.jdt.core.javanature</nature>
+       </natures>
+</projectDescription>
diff --git a/security/demo/.settings/org.eclipse.jdt.core.prefs b/security/demo/.settings/org.eclipse.jdt.core.prefs
new file mode 100644 (file)
index 0000000..742857a
--- /dev/null
@@ -0,0 +1,5 @@
+#Wed Sep 16 19:11:49 CEST 2009
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
+org.eclipse.jdt.core.compiler.compliance=1.5
+org.eclipse.jdt.core.compiler.source=1.5
diff --git a/security/demo/.settings/org.maven.ide.eclipse.prefs b/security/demo/.settings/org.maven.ide.eclipse.prefs
new file mode 100644 (file)
index 0000000..004ee66
--- /dev/null
@@ -0,0 +1,9 @@
+#Wed Sep 16 19:09:41 CEST 2009
+activeProfiles=
+eclipse.preferences.version=1
+fullBuildGoals=process-test-resources
+includeModules=false
+resolveWorkspaceProjects=true
+resourceFilterGoals=process-resources resources\:testResources
+skipCompilerPlugin=true
+version=1
index dd02654c292c9d8880583c15fd032b40e92ad447..75aa477996062072d16b769edca26bea4ca3a6f1 100644 (file)
@@ -6,14 +6,9 @@ log4j.logger.org.argeo=DEBUG
 log4j.logger.org.hibernate=WARN
 
 log4j.logger.org.springframework=WARN
-log4j.logger.org.springframework.web=DEBUG
+#log4j.logger.org.springframework.web=DEBUG
 #log4j.logger.org.springframework.jms=WARN
-#log4j.logger.org.springframework.security=WARN
-
-log4j.logger.org.apache.activemq=WARN
-log4j.logger.org.apache.activemq.transport=WARN
-log4j.logger.org.apache.activemq.ActiveMQMessageConsumer=INFO
-log4j.logger.org.apache.activemq.ActiveMQMessageProducer=INFO
+log4j.logger.org.springframework.security=DEBUG
 
 log4j.logger.org.apache.catalina=INFO
 log4j.logger.org.apache.coyote=INFO
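Review bot: `log4j.logger.org.springframework.security=DEBUG` is now committed as the active level, and because this webapp uses `<http-basic />`, the debug output of that package can include authentication details. Older Spring Security basic-auth filters are known to log the received `Authorization` header at debug level, which is worth confirming for the version in use. Keep the committed default at `WARN` and leave the debug line commented out, `#log4j.logger.org.springframework.security=DEBUG`, the same way `org.springframework.web` is handled in this hunk.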
index 7f52d9631fa513d295208e5234f0983c41fcc5d9..404eb18b8ed7dd14aba0d2eb34e1ed43076bf37d 100644 (file)
@@ -16,6 +16,7 @@
                        <plugin>
                                <groupId>org.argeo.maven.plugins</groupId>
                                <artifactId>maven-argeo-osgi-plugin</artifactId>
+                               <version>${version.maven-argeo-osgi}</version>
                                <extensions>true</extensions>
                                <configuration>
                                        <bundlesPomArtifactId>org.argeo.security.demo</bundlesPomArtifactId>
@@ -24,6 +25,7 @@
                        <plugin>
                                <groupId>org.argeo.maven.plugins</groupId>
                                <artifactId>maven-argeo-osgi-plugin</artifactId>
+                               <version>${version.maven-argeo-osgi}</version>
                                <configuration>
                                        <execDir>target/exec</execDir>
                                        <osgiBootArtifactId>org.argeo.osgi.boot</osgiBootArtifactId>
                        ActiveMQ <dependency> <groupId>org.argeo.dep.osgi</groupId>
                        <artifactId>org.argeo.dep.osgi.activemq</artifactId> </dependency>
                -->
+
+               <!-- Apache Directory -->
+               <dependency>
+                       <groupId>org.apache.directory</groupId>
+                       <artifactId>com.springsource.org.apache.directory.server.core</artifactId>
+                       <version>1.0.2</version>
+               </dependency>
+               <dependency>
+                       <groupId>org.apache.directory</groupId>
+                       <artifactId>com.springsource.org.apache.directory.server.jndi</artifactId>
+                       <version>1.0.2</version>
+               </dependency>
+               <dependency>
+                       <groupId>net.sourceforge.jdbm</groupId>
+                       <artifactId>com.springsource.jdbm</artifactId>
+                       <version>1.0.0</version>
+               </dependency>
+               <!--
+                       TODO: version 2.4.0 is required by Spring-LDAP while Apache Directory
+                       takes 2.1.0
+               -->
+               <dependency>
+                       <groupId>org.apache.commons</groupId>
+                       <artifactId>com.springsource.org.apache.commons.lang</artifactId>
+                       <version>2.4.0</version>
+               </dependency>
        </dependencies>
 </project>
\ No newline at end of file
index 8116c1e4f3179d0303950ef59a7da645a139e156..124179eb3ea50c6582dc84a689b4a71e20e92145 100644 (file)
@@ -11,4 +11,11 @@ Import-Package: javax.servlet,
  org.springframework.web.context,
  org.springframework.web.context.support,
  org.springframework.web.filter,
- org.springframework.web.servlet
+ org.springframework.web.servlet,
+ org.springframework.security.ldap,
+ org.springframework.security.providers.ldap,
+ org.springframework.security.providers.ldap.authenticator,
+ org.springframework.security.ldap.populator,
+ org.springframework.security.userdetails.ldap,
+ org.springframework.security,
+ org.springframework.ldap.core.support
index 2ad009d2b42a6753790b59099d446573cdc3682b..7d0e6beb075ba26b5685a88d1cbf6f70506f654b 100644 (file)
@@ -11,6 +11,7 @@
                <import resource="classpath:/org/argeo/slc/server/spring/jmx.xml" />
        -->
        <import resource="security.xml" />
+       <import resource="ldap.xml" />
 
        <import resource="osgi.xml" />
 
diff --git a/security/modules/org.argeo.security.webapp/WEB-INF/ldap.xml b/security/modules/org.argeo.security.webapp/WEB-INF/ldap.xml
new file mode 100644 (file)
index 0000000..eab6c3a
--- /dev/null
@@ -0,0 +1,49 @@
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:security="http://www.springframework.org/schema/security"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+              http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
+       <security:ldap-server url="ldap://localhost:389/dc=argeo,dc=org"
+               manager-dn="cn=Manager,dc=argeo,dc=org" manager-password="secret" />
+       <security:ldap-authentication-provider
+               user-dn-pattern="uid={0},ou=users" group-search-base="ou=groups">
+               <security:password-compare hash="{sha}" />
+       </security:ldap-authentication-provider>
+  
+  <!-- 
+       <bean id="contextSource"
+               class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
+               <constructor-arg value="ldap://localhost:389/dc=argeo,dc=org" />
+               <property name="userDn" value="cn=Manager,dc=argeo,dc=org" />
+               <property name="password" value="secret" />
+       </bean>
+       
+       <bean id="ldapAuthProvider"
+               class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
+               <constructor-arg>
+                       <bean
+                               class="org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator">
+                               <constructor-arg ref="contextSource" />
+                               <property name="userDnPatterns">
+                                       <list>
+                                               <value>uid={0},ou=users</value>
+                                       </list>
+                               </property>
+                               <property name="passwordEncoder">
+                                       <bean
+                                               class="org.springframework.security.providers.ldap.authenticator.LdapShaPasswordEncoder"></bean>
+                               </property>
+                       </bean>
+               </constructor-arg>
+               <constructor-arg>
+                       <bean
+                               class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
+                               <constructor-arg ref="contextSource" />
+                               <constructor-arg value="ou=groups" />
+                               <property name="groupRoleAttribute" value="ou" />
+                       </bean>
+               </constructor-arg>
+       </bean>
+       
+        -->
+</beans>
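Review bot: The `<security:ldap-server>` element commits the directory manager's bind password in clear text (`manager-password="secret"`), and the commented-out `contextSource` bean further down repeats it. Move the value out of the versioned file, for example `manager-password="${ldap.manager.password}"` resolved from a deployment-local properties file (the placeholder name is illustrative), and delete the commented bean block rather than keeping a second copy. `<security:password-compare hash="{sha}" />` compares unsalted SHA-1 values and requires the manager account to be able to compare `userPassword`. Dropping that child element, so that the provider authenticates by binding as the user, or at least using `hash="{ssha}"`, would be a safer default. The URL is plain `ldap://`, which is acceptable only while the directory stays on localhost.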
index 35397ad70748a7e5e08702d3a40ac1b8085ed8b6..81595ee9b2e80f95ec5e3e190b247bb2ee3c97db 100644 (file)
@@ -4,11 +4,12 @@
               http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
 
        <http realm="User Interface" >
-               <intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN" />
+               <intercept-url pattern="/**" access="ROLE_REGISTEREDUSERS,ROLE_USER,ROLE_ADMIN" />
                <http-basic />
                <anonymous />
        </http>
-
+       
+<!-- 
        <authentication-provider>
                <user-service>
                        <user name="mbaudier" password="mbaudier" authorities="ROLE_USER,ROLE_ADMIN" />
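Review bot: The in-memory `<authentication-provider>` is commented out rather than removed (`<!--` in this hunk, the closing `-->` in the following `@@ -17,5 +18,5 @@` hunk). Accounts whose passwords equal their user names (`mbaudier`/`mbaudier`, `demo`/`demo`) therefore stay in the file and are one uncomment away from being live alongside LDAP. Delete the block; version history keeps it. `ROLE_REGISTEREDUSERS` in the `access` list presumably derives from an LDAP group under `ou=groups`, so a comment such as `<!-- ROLE_REGISTEREDUSERS is derived from the LDAP group of that name -->` would record the coupling. The `<user-service>` body is only partly visible in these hunks.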
@@ -17,5 +18,5 @@
                        <user name="demo" password="demo" authorities="ROLE_USER" />
                </user-service>
        </authentication-provider>
-
+ -->
 </beans:beans>
index 340e08fc9a9c4b7994b04a99f683ab54cef8d8ca..0b103ee238d54416fe95b7ad1f170f90801b6790 100644 (file)
@@ -42,7 +42,7 @@
                <dependency>
                        <groupId>org.argeo.dep.osgi</groupId>
                        <artifactId>org.argeo.dep.osgi.springframework.ldap</artifactId>
-                       <version>1.3.0.0002</version>
+                       <version>1.3.0.0003-SNAPSHOT</version>
                </dependency>
 
                <!-- Security -->
diff --git a/server/modules/org.argeo.server.ads.server/META-INF/MANIFEST.MF b/server/modules/org.argeo.server.ads.server/META-INF/MANIFEST.MF
new file mode 100644 (file)
index 0000000..91eeea7
--- /dev/null
@@ -0,0 +1,8 @@
+Bundle-Version: 0.1.1.SNAPSHOT
+Bundle-SymbolicName: org.argeo.server.ads.server
+Import-Package: org.apache.directory.server.configuration,
+ org.apache.directory.server.core.partition.impl.btree,
+ org.apache.directory.server.jndi,
+ org.apache.directory.shared.asn1.codec,
+ org.springframework.security.config,
+ org.springframework.security.ldap
diff --git a/server/modules/org.argeo.server.ads.server/META-INF/spring/ads.xml b/server/modules/org.argeo.server.ads.server/META-INF/spring/ads.xml
new file mode 100644 (file)
index 0000000..7c47ba4
--- /dev/null
@@ -0,0 +1,9 @@
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+              http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
+
+       <!-- <ldap-server ldif="classpath:base.ldif" /> -->
+       <ldap-server root="dc=argeo,dc=org" port="10389"/>
+
+</beans:beans>
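Review bot: This embedded server listens on port `10389` with root `dc=argeo,dc=org`, while `WEB-INF/ldap.xml` in the same commit points the webapp at `ldap://localhost:389/dc=argeo,dc=org`, so the diff does not show which directory actually authenticates users. Spring Security's embedded `<ldap-server>` is documented as a testing aid. If this bundle is demo-only, say so with a comment such as `<!-- Embedded ApacheDS for demos/tests only; not for production -->` and state which port clients are expected to use. With the `ldif` attribute commented out, the entries the server starts with depend on defaults that are not visible here.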