{"id":122,"date":"2019-04-24T14:14:51","date_gmt":"2019-04-24T14:14:51","guid":{"rendered":"https:\/\/www.samarthya.me\/wps\/?p=122"},"modified":"2019-04-24T14:14:51","modified_gmt":"2019-04-24T14:14:51","slug":"spring-data-ldap-part-2","status":"publish","type":"post","link":"https:\/\/blog.samarthya.me\/wps\/2019\/04\/24\/spring-data-ldap-part-2\/","title":{"rendered":"Spring Data-Ldap: Part 2"},"content":{"rendered":"

Now since we have plugged in the LDAP information it is time now to stitch it with Spring Security and the easiest thing to do is<\/p>\n

\n
@Configuration\r\n@EnableWebSecurity(debug = true)\r\npublic class WebSecurityConfig extends WebSecurityConfigurerAdapter {\r\n\r\n    private static final Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);\r\n\r\n\r\n    @Autowired\r\n    private LdapContextSource ldapContextSource;\r\n\r\n    @Override\r\n    protected void configure(HttpSecurity http) throws Exception {\r\n        http.httpBasic().and().authorizeRequests().antMatchers(\"\/users\",\"\/\").permitAll()\r\n                .anyRequest().authenticated().and().csrf().disable();\r\n    }\r\n\r\n    @Override\r\n    protected void configure(AuthenticationManagerBuilder auth) throws Exception {\r\n        auth.ldapAuthentication().contextSource(ldapContextSource)\r\n                .userSearchBase(\"ou=users\")\r\n                .groupSearchBase(\"ou=groups\")\r\n                .groupSearchFilter(\"member={0}\")\r\n                .userDnPatterns(\"ou=users,dc=example,dc=com\")\r\n                .userSearchFilter(\"uid={0}\");\r\n    }\r\n}\r\n\r\n<\/pre>\n<\/blockquote>\n
I have already added the ldapContextInformation in the ApacheDSConfiguration class.<\/p>\n
@Bean\r\nLdapTemplate ldapTemplate(ContextSource contextSource) {\r\n    return new LdapTemplate(contextSource);\r\n}<\/pre>\n
After weaving this together I exposed a new method in controller<\/p>\n
@ResponseBody\r\n@PostMapping(\"\/protected\")\r\npublic String protectedMethod(HttpServletRequest request) {\r\n    logger.debug(\" Requested: \" + request.getRequestURI() + \" : \" + request.getUserPrincipal().getName() + \" : \" + context.getApplicationName());\r\n    return \"Method Protected\";\r\n}<\/pre>\n
and am ready to fire my application with a post method that has been protected by the backed Ldap (Apache DS).<\/p>\n
POST \/events\/protected HTTP\/1.1
\n> Host: localhost:8082
\n> Authorization: Basic c3NoYXJtYTpmaXJld2FsbA==
\n> User-Agent: insomnia\/6.3.2
\n> Cookie: JSESSIONID=A049DCE901E82092A38867FA67A773A9
\n> Accept: *\/*
\n> Content-Length: 0
\n< HTTP\/1.1 200
\n* Replaced cookie JSESSIONID=”635AE0B0C5C3F7C6BF28FA7776D2FBA0″ for domain localhost, path \/events, expire 0
\n< Set-Cookie: JSESSIONID=635AE0B0C5C3F7C6BF28FA7776D2FBA0; Path=\/events; HttpOnly
\n< X-Content-Type-Options: nosniff
\n< X-XSS-Protection: 1; mode=block
\n< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
\n< Pragma: no-cache
\n< Expires: 0
\n< X-Frame-Options: DENY
\n< Content-Type: text\/plain;charset=UTF-8
\n< Content-Length: 16
\n< Date: Wed, 24 Apr 2019 14:12:30 GMT<\/p><\/blockquote>\n
\"\"<\/p>\n","protected":false},"excerpt":{"rendered":"
Now since we have plugged in the LDAP information it is time now to stitch it with Spring Security and the easiest thing to do is @Configuration @EnableWebSecurity(debug = true) public class WebSecurityConfig extends WebSecurityConfigurerAdapter { private static final Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class); @Autowired private LdapContextSource ldapContextSource; @Override protected void configure(HttpSecurity http) throws Exception { […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[17,15],"class_list":["post-122","post","type-post","status-publish","format-standard","hentry","category-others","tag-ldap","tag-spring"],"_links":{"self":[{"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/posts\/122","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/comments?post=122"}],"version-history":[{"count":0,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/posts\/122\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/media?parent=122"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/categories?post=122"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.samarthya.me\/wps\/wp-json\/wp\/v2\/tags?post=122"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}