Spring Data-Ldap: Part 2

Saksham

Now that the LDAP information is plugged in, it is time to stitch it together with Spring Security. The easiest way to do that is:

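import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity(debug = true) // debug = true logs request and filter-chain details; keep it to development
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private static final Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);

    @Autowired
    private LdapContextSource ldapContextSource;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // HTTP Basic for every request except "/users" and "/", which stay open; CSRF protection is disabled.
        http.httpBasic().and().authorizeRequests().antMatchers("/users","/").permitAll()
                .anyRequest().authenticated().and().csrf().disable();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Authenticate by binding to LDAP as the user; authorities come from the groups the user's DN is a member of.
        auth.ldapAuthentication().contextSource(ldapContextSource)
                .userSearchBase("ou=users")
                .groupSearchBase("ou=groups")
                .groupSearchFilter("member={0}")
                // This pattern has no {0} placeholder, so it cannot resolve to a user's DN;
                // the bind relies on the search filter below.
                .userDnPatterns("ou=users,dc=example,dc=com")
                .userSearchFilter("uid={0}");
    }
}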

I have already added the ldapContextInformation in the ApacheDSConfiguration class.

@Bean
LdapTemplate ldapTemplate(ContextSource contextSource) {
    return new LdapTemplate(contextSource);
}

After weaving this together, I exposed a new method in the controller:

@ResponseBody
@PostMapping("/protected")
public String protectedMethod(HttpServletRequest request) {
    logger.debug(" Requested: " + request.getRequestURI() + " : " + request.getUserPrincipal().getName() + " : " + context.getApplicationName());
    return "Method Protected";
}

and am ready to fire a POST request at my application; the method is now protected by the backing LDAP (Apache DS).

> POST /events/protected HTTP/1.1
> Host: localhost:8082
> Authorization: Basic c3NoYXJtYTpmaXJld2FsbA==
> User-Agent: insomnia/6.3.2
> Cookie: JSESSIONID=A049DCE901E82092A38867FA67A773A9
> Accept: */*
> Content-Length: 0
< HTTP/1.1 200
* Replaced cookie JSESSIONID="635AE0B0C5C3F7C6BF28FA7776D2FBA0" for domain localhost, path /events, expire 0
< Set-Cookie: JSESSIONID=635AE0B0C5C3F7C6BF28FA7776D2FBA0; Path=/events; HttpOnly
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< Content-Type: text/plain;charset=UTF-8
< Content-Length: 16
< Date: Wed, 24 Apr 2019 14:12:30 GMT
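
The manual request above only shows the success path. As an added example (not part of the original post), the test below also checks that the same endpoint refuses requests with missing or wrong credentials. It assumes a Spring Boot application with JUnit 4 and spring-security-test on the test classpath; the class name and the credential placeholders are hypothetical.

```java
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;

import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

// Added example (hypothetical class name); assumes Spring Boot, JUnit 4 and spring-security-test.
@RunWith(SpringRunner.class)
@SpringBootTest
@AutoConfigureMockMvc
public class ProtectedEndpointSecurityTest {

    // Placeholders: set these to a uid/password pair that exists under ou=users in your directory.
    private static final String LDAP_UID = "REPLACE_WITH_TEST_UID";
    private static final String LDAP_PASSWORD = "REPLACE_WITH_TEST_PASSWORD";

    @Autowired
    private MockMvc mockMvc;

    // MockMvc paths exclude the servlet context path, so /events/protected is requested as /protected.
    @Test
    public void rejectsRequestWithoutCredentials() throws Exception {
        mockMvc.perform(post("/protected"))
                .andExpect(status().isUnauthorized());
    }

    @Test
    public void rejectsWrongPassword() throws Exception {
        // The LDAP bind fails, so the Basic filter must answer 401 and never reach the controller.
        mockMvc.perform(post("/protected").with(httpBasic(LDAP_UID, "not-the-password")))
                .andExpect(status().isUnauthorized());
    }

    @Test
    public void acceptsValidLdapCredentials() throws Exception {
        mockMvc.perform(post("/protected").with(httpBasic(LDAP_UID, LDAP_PASSWORD)))
                .andExpect(status().isOk())
                .andExpect(content().string("Method Protected"));
    }
}
```

The two rejection tests pass with the placeholders left in place; the last one needs real directory credentials and the LDAP server from the application's own configuration to be reachable during the test run.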