Spring LdapAuthentication and Load roles from local database


I have Spring Security configured to authenticate against an LDAP server.

<security:authentication-manager>
    <security:ldap-authentication-provider user-dn-pattern="uid={0}" />
</security:authentication-manager>

After authentication I want to load the roles for the same user from a local database. How can I load the local database roles using "ldap-authentication-provider"?

If I add a second authentication provider as below:

<security:authentication-manager>
    <security:ldap-authentication-provider user-dn-pattern="uid={0}" />
    <security:authentication-provider ref="daoAuthenticationProvider" />
</security:authentication-manager>

With daoAuthenticationProvider added, Spring does not use the second provider when the first auth provider authenticates the user. Only if the first auth provider fails to authenticate does it go on to the next one in the list.

So I have to customize

<security:ldap-authentication-provider user-dn-pattern="uid={0}" /> 

to load the roles from the local database.

Any suggestions? How should this be implemented?

An authentication provider must deliver a populated authentication token on successful authentication, so it's not possible to use one provider to check the user's credentials and another one to assign authorities (roles) to it.

You can customize the LDAP auth provider to fetch the user's roles from the database instead of the default behaviour (searching the user's groups in LDAP). LdapAuthenticationProvider has two strategies injected: one performs the authentication (LdapAuthenticator), and one fetches the user's authorities (LdapAuthoritiesPopulator). You can achieve your requirements if you supply an LdapAuthoritiesPopulator implementation that loads the roles from the database. In case you have a UserDetailsService working against the database, you can integrate it by wrapping it in a UserDetailsServiceLdapAuthoritiesPopulator and injecting that into the LdapAuthenticationProvider.

Since this configuration is rather uncommon, the security XML namespace doesn't provide tags/attributes to set it up, but the raw bean config isn't complicated. Here is an outline:

1) Suppose you have an ldap-server somewhere in your config. It's important to assign an id to it, to allow referencing it later.

<security:ldap-server url="..." id="ldapServer" .../>

2) In the authentication-manager section, refer to the customized provider:

<security:authentication-manager>
    <security:authentication-provider ref="customLdapAuthProvider"/>
</security:authentication-manager>

3) Now, the essential part:

<bean id="customLdapAuthProvider"
      class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
    <constructor-arg name="authenticator">
        <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
            <constructor-arg name="contextSource" ref="ldapServer"/>
            <property name="userDnPatterns">
                <list>
                    <value>uid={0}</value>
                </list>
            </property>
        </bean>
    </constructor-arg>
    <constructor-arg name="authoritiesPopulator">
        <bean class="org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator">
            <constructor-arg name="userService" ref="userService"/>
        </bean>
    </constructor-arg>
</bean>

The authenticator is the same one the namespace config creates. (Note the contextSource attribute referencing the LDAP server.)

The authoritiesPopulator is a simple wrapper around the userService implementation, which is supposed to be defined somewhere in your config.
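The same three-step wiring expressed in Spring's Java configuration, as an added example that is not part of the original answer. Instead of the UserDetailsService wrapper it supplies a direct LdapAuthoritiesPopulator implementation that reads the roles from a table with JdbcTemplate, which is the general form the answer describes; the wrapper appears in a comment as the drop-in alternative when a UserDetailsService already exists. The class and bean names, the user_roles table, and the placeholder directory URL are assumptions made for this example, not anything from the original post.

```java
import java.util.List;

import javax.sql.DataSource;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

@Configuration
public class LdapWithDbRolesConfig {

    /**
     * LdapAuthoritiesPopulator that does not look at the LDAP entry for
     * authorities at all and reads the roles from a local table instead.
     * Assumed schema (constructed for this example):
     * user_roles(username VARCHAR, role VARCHAR).
     */
    static class JdbcLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator {
        private static final String SQL = "SELECT role FROM user_roles WHERE username = ?";
        private final JdbcTemplate jdbc;

        JdbcLdapAuthoritiesPopulator(DataSource dataSource) {
            this.jdbc = new JdbcTemplate(dataSource);
        }

        @Override
        public List<GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username) {
            // userData is the directory entry the bind just succeeded against;
            // only the login name is needed here, passed as a bound parameter
            // so it is never concatenated into the SQL.
            RowMapper<GrantedAuthority> mapper =
                    (rs, rowNum) -> new SimpleGrantedAuthority(rs.getString("role"));
            return jdbc.query(SQL, mapper, username);
            // A user known to LDAP but absent from user_roles authenticates with
            // no authorities. Throw UsernameNotFoundException here instead if such
            // logins should be rejected rather than succeed without roles.
        }
    }

    @Bean
    public DefaultSpringSecurityContextSource ldapServer() {
        // Step 1: the context source the XML <security:ldap-server> tag creates.
        // Placeholder URL; the real directory URL is deployment-specific.
        return new DefaultSpringSecurityContextSource("ldap://LDAP_HOST_PLACEHOLDER:389/dc=example,dc=com");
    }

    @Bean
    public LdapAuthenticationProvider customLdapAuthProvider(DefaultSpringSecurityContextSource ldapServer,
                                                             DataSource dataSource) {
        // Step 3: same authenticator the namespace config creates, binding as the user's DN.
        BindAuthenticator authenticator = new BindAuthenticator(ldapServer);
        authenticator.setUserDnPatterns(new String[] { "uid={0}" });

        // The populator is the only part that changes: authorities now come from
        // the database. With an existing UserDetailsService bean, use
        // new UserDetailsServiceLdapAuthoritiesPopulator(userService) here instead.
        LdapAuthoritiesPopulator populator = new JdbcLdapAuthoritiesPopulator(dataSource);
        return new LdapAuthenticationProvider(authenticator, populator);
    }

    @Bean
    public AuthenticationManager authenticationManager(LdapAuthenticationProvider customLdapAuthProvider) {
        // Step 2: the <security:authentication-manager> block with the single
        // custom provider; no second provider is needed, and none would be
        // consulted after a successful LDAP bind anyway.
        return new ProviderManager(customLdapAuthProvider);
    }
}
```

The credential check and the role lookup stay inside one provider, which is the constraint the answer starts from: the token the provider returns already carries the database roles, so no second provider has to run. Keep the failure mode deliberate: returning an empty list lets a directory user with no row in user_roles log in with no permissions, while throwing UsernameNotFoundException makes the login fail outright.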
