org.springframework.security.ldap.DefaultSpringSecurityContextSource Java Examples

The following examples show how to use org.springframework.security.ldap.DefaultSpringSecurityContextSource. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: LdapContextSourceFactory.java    From gravitee-management-rest-api with Apache License 2.0 6 votes vote down vote up
private DefaultSpringSecurityContextSource build() throws Exception {
            DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
                    getProviderUrl());
            if (managerDn != null) {
                contextSource.setUserDn(managerDn);
                if (managerPassword == null) {
                    throw new IllegalStateException(
                            "managerPassword is required if managerDn is supplied");
                }
                contextSource.setPassword(managerPassword);
            }
//            contextSource = postProcess(contextSource);
            if (url != null) {
                return contextSource;
            }
            ApacheDSContainer embeddedApacheContainer = new ApacheDSContainer(root, ldif);
            embeddedApacheContainer.setPort(getPort());
            apacheDsContainer = embeddedApacheContainer;
//            postProcess(apacheDsContainer);
            return contextSource;
        }
 
Example #2
Source File: LdapAuthenticationProviderConfigurer.java    From gravitee-management-rest-api with Apache License 2.0 6 votes vote down vote up
private DefaultSpringSecurityContextSource build() throws Exception {
    DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
            getProviderUrl());
    if (managerDn != null) {
        contextSource.setUserDn(managerDn);
        if (managerPassword == null) {
            throw new IllegalStateException(
                    "managerPassword is required if managerDn is supplied");
        }
        contextSource.setPassword(managerPassword);
    }
    contextSource = postProcess(contextSource);
    if (url != null) {
        return contextSource;
    }
    ApacheDSContainer apacheDsContainer = new ApacheDSContainer(root, ldif);
    apacheDsContainer.setPort(getPort());
    postProcess(apacheDsContainer);
    return contextSource;
}
 
Example #3
Source File: AuthenticationCheck.java    From ranger with Apache License 2.0 6 votes vote down vote up
private Authentication getADBindAuthentication(String ldapUrl, String bindDn, String bindPassword,
                                               String userName, String userPassword) {
    Authentication result = null;
    try {
        LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(ldapUrl);
        ldapContextSource.setUserDn(bindDn);
        ldapContextSource.setPassword(bindPassword);
        ldapContextSource.setReferral("follow");
        ldapContextSource.setCacheEnvironmentProperties(true);
        ldapContextSource.setAnonymousReadOnly(false);
        ldapContextSource.setPooled(true);
        ldapContextSource.afterPropertiesSet();

        String searchFilter="(sAMAccountName={0})";
        FilterBasedLdapUserSearch userSearch=new FilterBasedLdapUserSearch(adDomain, searchFilter,ldapContextSource);
        userSearch.setSearchSubtree(true);

        BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
        bindAuthenticator.setUserSearch(userSearch);
        bindAuthenticator.afterPropertiesSet();

        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);

        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = new ArrayList<>();
            grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);

            result = ldapAuthenticationProvider.authenticate(finalAuthentication);
        }

    } catch (BadCredentialsException bce) {
        logFile.println("ERROR: LDAP Authentication Failed. Please verify values for ranger.admin.auth.sampleuser and " +
                "ranger.admin.auth.samplepassword\n");
    } catch (Exception e) {
        logFile.println("ERROR: LDAP Authentication Failed: " + e);
    }
    return result;
}
 
Example #4
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://localhost:" + LDAP_PORT + "/"),
            "dc=jbcpcalendar,dc=com");
}
 
Example #5
Source File: LdapAuthenticationProvider.java    From gravitee-management-rest-api with Apache License 2.0 5 votes vote down vote up
@Override
public SecurityConfigurer configure() throws Exception {
    LOGGER.info("Configuring an LDAP Identity Provider");

    LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthenticationProviderConfigurer =
            new LdapAuthenticationProviderConfigurer<>();

    // Create LDAP context
    DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
            environment.getProperty("context.url"));
    contextSource.setBase(environment.getProperty("context.base"));
    contextSource.setUserDn(environment.getProperty("context.username"));
    contextSource.setPassword(environment.getProperty("context.password"));
    contextSource.afterPropertiesSet();

    ldapAuthenticationProviderConfigurer
            .userSearchBase(environment.getProperty("authentication.user.base", ""))
            .userSearchFilter(environment.getProperty("authentication.user.filter"))
            .groupSearchBase(environment.getProperty("authentication.group.base", ""))
            .groupSearchFilter(environment.getProperty("authentication.group.filter", "(uniqueMember={0})"))
            .groupRoleAttribute(environment.getProperty("authentication.group.role.attribute", "cn"))
            .rolePrefix("");

    DefaultLdapAuthoritiesPopulator populator = new DefaultLdapAuthoritiesPopulator(contextSource,
            environment.getProperty("authentication.group.base", ""));
    populator.setRolePrefix("");
    populator.setGroupRoleAttribute(environment.getProperty("authentication.group.role.attribute", "cn"));
    populator.setGroupSearchFilter(environment.getProperty("authentication.group.filter", "(uniqueMember={0})"));

    ldapAuthenticationProviderConfigurer.ldapAuthoritiesPopulator(populator).contextSource(contextSource);

    // set up LDAP mapper
    UserDetailsContextPropertiesMapper userDetailsContextPropertiesMapper = new UserDetailsContextPropertiesMapper();
    userDetailsContextPropertiesMapper.setEnvironment(environment);
    userDetailsContextPropertiesMapper.afterPropertiesSet();
    ldapAuthenticationProviderConfigurer.userDetailsContextMapper(userDetailsContextPropertiesMapper);

    return ldapAuthenticationProviderConfigurer;
}
 
Example #6
Source File: LdapConfig.java    From fiat with Apache License 2.0 5 votes vote down vote up
@Bean
SpringSecurityLdapTemplate springSecurityLdapTemplate() throws Exception {
  DefaultSpringSecurityContextSource contextSource =
      new DefaultSpringSecurityContextSource(configProps.url);
  contextSource.setUserDn(configProps.managerDn);
  contextSource.setPassword(configProps.managerPassword);
  contextSource.afterPropertiesSet();

  return new SpringSecurityLdapTemplate(contextSource);
}
 
Example #7
Source File: AtlasLdapAuthenticationProvider.java    From incubator-atlas with Apache License 2.0 5 votes vote down vote up
private LdapContextSource getLdapContextSource() throws Exception {
    LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(
            ldapURL);
    ldapContextSource.setUserDn(ldapBindDN);
    ldapContextSource.setPassword(ldapBindPassword);
    ldapContextSource.setReferral(ldapReferral);
    ldapContextSource.setCacheEnvironmentProperties(false);
    ldapContextSource.setAnonymousReadOnly(false);
    ldapContextSource.setPooled(true);
    ldapContextSource.afterPropertiesSet();
    return ldapContextSource;
}
 
Example #8
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://corp.jbcpcalendar.com/"), "dc=corp,dc=jbcpcalendar,dc=com"){{

        setUserDn("CN=Administrator,CN=Users,DC=corp,DC=jbcpcalendar,DC=com");
        setPassword("admin123!");
    }};
}
 
Example #9
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://localhost:" + LDAP_PORT + "/"), "dc=jbcpcalendar,dc=com"){{

        setUserDn("uid=admin,ou=system");
        setPassword("secret");
    }};
}
 
Example #10
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://localhost:" + LDAP_PORT + "/"),
            "dc=jbcpcalendar,dc=com");
}
 
Example #11
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
     * LDAP Server Context
     * TODO: Need to get port / URL from properties.
     * @return
     */
    @Description("Embedded LDAP Context Config")
    @Bean
    public DefaultSpringSecurityContextSource contextSource() {
        return new DefaultSpringSecurityContextSource(
                Arrays.asList("ldap://localhost:" + LDAP_PORT + "/"), "dc=jbcpcalendar,dc=com"){{

            setUserDn("[email protected],ou=Administrators");
//            setUserDn("uid=admin, ou=system");
//            setPassword("secret");
            setPassword("admin1");
        }};
    }
 
Example #12
Source File: RangerAuthenticationProvider.java    From ranger with Apache License 2.0 5 votes vote down vote up
private Authentication getADBindAuthentication(Authentication authentication) {
	try {
		String rangerADURL = PropertiesUtil.getProperty("ranger.ldap.ad.url", "");
		String rangerLdapADBase = PropertiesUtil.getProperty("ranger.ldap.ad.base.dn", "");
		String rangerADBindDN = PropertiesUtil.getProperty("ranger.ldap.ad.bind.dn", "");
		String rangerADBindPassword = PropertiesUtil.getProperty("ranger.ldap.ad.bind.password", "");
		String rangerLdapDefaultRole = PropertiesUtil.getProperty("ranger.ldap.default.role", "ROLE_USER");
		String rangerLdapReferral = PropertiesUtil.getProperty("ranger.ldap.ad.referral", "follow");
		String rangerLdapUserSearchFilter = PropertiesUtil.getProperty("ranger.ldap.ad.user.searchfilter", "(sAMAccountName={0})");
		boolean rangerIsStartTlsEnabled = Boolean.valueOf(PropertiesUtil.getProperty(
				"ranger.ldap.starttls", "false"));
		String userName = authentication.getName();
		String userPassword = "";
		if (authentication.getCredentials() != null) {
			userPassword = authentication.getCredentials().toString();
		}

		LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(rangerADURL);
		ldapContextSource.setUserDn(rangerADBindDN);
		ldapContextSource.setPassword(rangerADBindPassword);
		ldapContextSource.setReferral(rangerLdapReferral);
		ldapContextSource.setCacheEnvironmentProperties(true);
		ldapContextSource.setAnonymousReadOnly(false);
		ldapContextSource.setPooled(true);
		if (rangerIsStartTlsEnabled) {
			ldapContextSource.setPooled(false);
			ldapContextSource.setAuthenticationStrategy(new DefaultTlsDirContextAuthenticationStrategy());
		}
		ldapContextSource.afterPropertiesSet();

		//String searchFilter="(sAMAccountName={0})";
		if (rangerLdapUserSearchFilter==null || rangerLdapUserSearchFilter.trim().isEmpty()) {
			rangerLdapUserSearchFilter="(sAMAccountName={0})";
		}
		FilterBasedLdapUserSearch userSearch=new FilterBasedLdapUserSearch(rangerLdapADBase, rangerLdapUserSearchFilter,ldapContextSource);
		userSearch.setSearchSubtree(true);

		BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
		bindAuthenticator.setUserSearch(userSearch);
		bindAuthenticator.afterPropertiesSet();

		LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);

		if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
			final List<GrantedAuthority> grantedAuths = new ArrayList<>();
			grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
			final UserDetails principal = new User(userName, userPassword,grantedAuths);
			final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);

			authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
			authentication=getAuthenticationWithGrantedAuthority(authentication);
			return authentication;
		} else {
			return authentication;
		}
	} catch (Exception e) {
		logger.debug("AD Authentication Failed:", e);
	}
	return authentication;
}
 
Example #13
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://corp.jbcpcalendar.com/"), "dc=corp,dc=jbcpcalendar,dc=com"){{

        setUserDn("CN=Administrator,CN=Users,DC=corp,DC=jbcpcalendar,DC=com");
        setPassword("admin123!");
    }};
}
 
Example #14
Source File: AtlasLdapAuthenticationProvider.java    From atlas with Apache License 2.0 5 votes vote down vote up
private LdapContextSource getLdapContextSource() throws Exception {
    LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(
            ldapURL);
    ldapContextSource.setUserDn(ldapBindDN);
    ldapContextSource.setPassword(ldapBindPassword);
    ldapContextSource.setReferral(ldapReferral);
    ldapContextSource.setCacheEnvironmentProperties(false);
    ldapContextSource.setAnonymousReadOnly(false);
    ldapContextSource.setPooled(true);
    ldapContextSource.afterPropertiesSet();
    return ldapContextSource;
}
 
Example #15
Source File: LDAPAuthenticator.java    From para with Apache License 2.0 4 votes vote down vote up
/**
 * Default constructor.
 * @param ldapSettings LDAP config map for an app
 */
public LDAPAuthenticator(Map<String, String> ldapSettings) {
	if (ldapSettings != null && ldapSettings.containsKey("security.ldap.server_url")) {
		String serverUrl = ldapSettings.get("security.ldap.server_url");
		String baseDN = ldapSettings.get("security.ldap.base_dn");
		String bindDN = Utils.noSpaces(ldapSettings.get("security.ldap.bind_dn"), "%20");
		String bindPass = ldapSettings.get("security.ldap.bind_pass");
		String userSearchBase = ldapSettings.get("security.ldap.user_search_base");
		String userSearchFilter = ldapSettings.get("security.ldap.user_search_filter");
		String userDnPattern = ldapSettings.get("security.ldap.user_dn_pattern");
		String passAttribute = ldapSettings.get("security.ldap.password_attribute");
		boolean usePasswordComparison = ldapSettings.containsKey("security.ldap.compare_passwords");

		DefaultSpringSecurityContextSource contextSource =
				new DefaultSpringSecurityContextSource(Arrays.asList(serverUrl), baseDN);
		contextSource.setAuthenticationSource(new SpringSecurityAuthenticationSource());
		contextSource.setCacheEnvironmentProperties(false);
		if (!bindDN.isEmpty()) {
			// this is usually not required for authentication - leave blank
			contextSource.setUserDn(bindDN);
		}
		if (!bindPass.isEmpty()) {
			// this is usually not required for authentication - leave blank
			contextSource.setPassword(bindPass);
		}
		LdapUserSearch userSearch = new FilterBasedLdapUserSearch(userSearchBase, userSearchFilter, contextSource);

		if (usePasswordComparison) {
			PasswordComparisonAuthenticator p = new PasswordComparisonAuthenticator(contextSource);
			p.setPasswordAttributeName(passAttribute);
			p.setUserDnPatterns(getUserDnPatterns(userDnPattern));
			p.setUserSearch(userSearch);
			authenticator = p;
		} else {
			BindAuthenticator b = new BindAuthenticator(contextSource);
			b.setUserDnPatterns(getUserDnPatterns(userDnPattern));
			b.setUserSearch(userSearch);
			authenticator = b;
		}
	}
}
 
Example #16
Source File: LdapAuthentication.java    From osiam with MIT License 4 votes vote down vote up
@Bean
public BaseLdapPathContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(serverUrl);
}
 
Example #17
Source File: RangerAuthenticationProvider.java    From ranger with Apache License 2.0 4 votes vote down vote up
private Authentication getLdapBindAuthentication(Authentication authentication) {
	try {
		String rangerLdapURL = PropertiesUtil.getProperty("ranger.ldap.url", "");
		String rangerLdapUserDNPattern = PropertiesUtil.getProperty("ranger.ldap.user.dnpattern", "");
		String rangerLdapGroupSearchBase = PropertiesUtil.getProperty("ranger.ldap.group.searchbase", "");
		String rangerLdapGroupSearchFilter = PropertiesUtil.getProperty("ranger.ldap.group.searchfilter", "");
		String rangerLdapGroupRoleAttribute = PropertiesUtil.getProperty("ranger.ldap.group.roleattribute", "");
		String rangerLdapDefaultRole = PropertiesUtil.getProperty("ranger.ldap.default.role", "ROLE_USER");
		String rangerLdapBase = PropertiesUtil.getProperty("ranger.ldap.base.dn", "");
		String rangerLdapBindDN = PropertiesUtil.getProperty("ranger.ldap.bind.dn", "");
		String rangerLdapBindPassword = PropertiesUtil.getProperty("ranger.ldap.bind.password", "");
		String rangerLdapReferral = PropertiesUtil.getProperty("ranger.ldap.referral", "follow");
		String rangerLdapUserSearchFilter = PropertiesUtil.getProperty("ranger.ldap.user.searchfilter", "(uid={0})");
		boolean rangerIsStartTlsEnabled = Boolean.valueOf(PropertiesUtil.getProperty(
				"ranger.ldap.starttls", "false"));
		String userName = authentication.getName();
		String userPassword = "";
		if (authentication.getCredentials() != null) {
			userPassword = authentication.getCredentials().toString();
		}

		LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(rangerLdapURL);
		ldapContextSource.setUserDn(rangerLdapBindDN);
		ldapContextSource.setPassword(rangerLdapBindPassword);
		ldapContextSource.setReferral(rangerLdapReferral);
		ldapContextSource.setCacheEnvironmentProperties(false);
		ldapContextSource.setAnonymousReadOnly(false);
		ldapContextSource.setPooled(true);
		if (rangerIsStartTlsEnabled) {
			ldapContextSource.setPooled(false);
			ldapContextSource.setAuthenticationStrategy(new DefaultTlsDirContextAuthenticationStrategy());
		}
		ldapContextSource.afterPropertiesSet();

		DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(ldapContextSource, rangerLdapGroupSearchBase);
		defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(rangerLdapGroupRoleAttribute);
		defaultLdapAuthoritiesPopulator.setGroupSearchFilter(rangerLdapGroupSearchFilter);
		defaultLdapAuthoritiesPopulator.setIgnorePartialResultException(true);

		//String searchFilter="(uid={0})";
		if (rangerLdapUserSearchFilter==null||rangerLdapUserSearchFilter.trim().isEmpty()) {
			rangerLdapUserSearchFilter="(uid={0})";
		}
		FilterBasedLdapUserSearch userSearch=new FilterBasedLdapUserSearch(rangerLdapBase, rangerLdapUserSearchFilter,ldapContextSource);
		userSearch.setSearchSubtree(true);

		BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
		bindAuthenticator.setUserSearch(userSearch);
		String[] userDnPatterns = new String[] { rangerLdapUserDNPattern };
		bindAuthenticator.setUserDnPatterns(userDnPatterns);
		bindAuthenticator.afterPropertiesSet();

		LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator,defaultLdapAuthoritiesPopulator);

		if (userName != null && userPassword != null && !userName.trim().isEmpty()&& !userPassword.trim().isEmpty()) {
			final List<GrantedAuthority> grantedAuths = new ArrayList<>();
			grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
			final UserDetails principal = new User(userName, userPassword,grantedAuths);
			final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);

			authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
			authentication=getAuthenticationWithGrantedAuthority(authentication);
			return authentication;
		} else {
			return authentication;
		}
	} catch (Exception e) {
		logger.debug("LDAP Authentication Failed:", e);
	}
	return authentication;
}
 
Example #18
Source File: AuthenticationCheck.java    From ranger with Apache License 2.0 4 votes vote down vote up
private Authentication getLdapBindAuthentication(String ldapUrl, String bindDn, String bindPassword,
                                                 String userName, String userPassword) {
    Authentication result = null;
    try {
        LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(ldapUrl);
        ldapContextSource.setUserDn(bindDn);
        ldapContextSource.setPassword(bindPassword);
        ldapContextSource.setReferral("follow");
        ldapContextSource.setCacheEnvironmentProperties(false);
        ldapContextSource.setAnonymousReadOnly(true);
        ldapContextSource.setPooled(true);
        ldapContextSource.afterPropertiesSet();

        DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(ldapContextSource, groupSearchBase);
        defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(roleAttribute);
        defaultLdapAuthoritiesPopulator.setGroupSearchFilter(groupSearchFilter);
        defaultLdapAuthoritiesPopulator.setIgnorePartialResultException(true);

        String searchFilter="(uid={0})";
        FilterBasedLdapUserSearch userSearch=new FilterBasedLdapUserSearch(adDomain, searchFilter,ldapContextSource);
        userSearch.setSearchSubtree(true);

        BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
        bindAuthenticator.setUserSearch(userSearch);
        String[] userDnPatterns = new String[] { userDnPattern };
        bindAuthenticator.setUserDnPatterns(userDnPatterns);
        bindAuthenticator.afterPropertiesSet();

        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator,defaultLdapAuthoritiesPopulator);

        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = new ArrayList<>();
            grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);

            result = ldapAuthenticationProvider.authenticate(finalAuthentication);
        }
    } catch (BadCredentialsException bce) {
        logFile.println("ERROR: LDAP Authentication Failed. Please verify values for ranger.admin.auth.sampleuser and " +
                "ranger.admin.auth.samplepassword\n");
    } catch (Exception e) {
        logFile.println("ERROR: LDAP Authentication Failed: " + e);
    }
    return result;
}
 
Example #19
Source File: AtlasADAuthenticationProvider.java    From atlas with Apache License 2.0 4 votes vote down vote up
private Authentication getADBindAuthentication (Authentication authentication) {
     try {
         String userName = authentication.getName();
         String userPassword = "";
         if (authentication.getCredentials() != null) {
             userPassword = authentication.getCredentials().toString();
         }

         LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(adURL);
         ldapContextSource.setUserDn(adBindDN);
         ldapContextSource.setPassword(adBindPassword);
         ldapContextSource.setReferral(adReferral);
         ldapContextSource.setCacheEnvironmentProperties(true);
         ldapContextSource.setAnonymousReadOnly(false);
         ldapContextSource.setPooled(true);
         ldapContextSource.afterPropertiesSet();

         FilterBasedLdapUserSearch userSearch=new FilterBasedLdapUserSearch(adBase, adUserSearchFilter,ldapContextSource);
         userSearch.setSearchSubtree(true);

         BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
         bindAuthenticator.setUserSearch(userSearch);
         bindAuthenticator.afterPropertiesSet();

LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);

         if (userName != null && userPassword != null
                 && !userName.trim().isEmpty()
                 && !userPassword.trim().isEmpty()) {
             final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
             final UserDetails principal = new User(userName, userPassword,
                     grantedAuths);
             final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(
                     principal, userPassword, grantedAuths);
             authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
             if (groupsFromUGI) {
                 authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
             }
             return authentication;
         } else {
             LOG.error("AD Authentication Failed userName or userPassword is null or empty");
             return null;
         }
     } catch (Exception e) {
         LOG.error("AD Authentication Failed:", e);
         return null;
     }
 }
 
Example #20
Source File: AtlasADAuthenticationProvider.java    From incubator-atlas with Apache License 2.0 4 votes vote down vote up
private Authentication getADBindAuthentication (Authentication authentication) {
     try {
         String userName = authentication.getName();
         String userPassword = "";
         if (authentication.getCredentials() != null) {
             userPassword = authentication.getCredentials().toString();
         }

         LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(adURL);
         ldapContextSource.setUserDn(adBindDN);
         ldapContextSource.setPassword(adBindPassword);
         ldapContextSource.setReferral(adReferral);
         ldapContextSource.setCacheEnvironmentProperties(true);
         ldapContextSource.setAnonymousReadOnly(false);
         ldapContextSource.setPooled(true);
         ldapContextSource.afterPropertiesSet();

         if (adUserSearchFilter==null || adUserSearchFilter.trim().isEmpty()) {
             adUserSearchFilter="(sAMAccountName={0})";
         }
         FilterBasedLdapUserSearch userSearch=new FilterBasedLdapUserSearch(adBase, adUserSearchFilter,ldapContextSource);
         userSearch.setSearchSubtree(true);

         BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
         bindAuthenticator.setUserSearch(userSearch);
         bindAuthenticator.afterPropertiesSet();

LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);

         if (userName != null && userPassword != null
                 && !userName.trim().isEmpty()
                 && !userPassword.trim().isEmpty()) {
             final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
             final UserDetails principal = new User(userName, userPassword,
                     grantedAuths);
             final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(
                     principal, userPassword, grantedAuths);
             authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
             if (groupsFromUGI) {
                 authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
             }
             return authentication;
         } else {
             LOG.error("AD Authentication Failed userName or userPassword is null or empty");
             return null;
         }
     } catch (Exception e) {
         LOG.error("AD Authentication Failed:", e);
         return null;
     }
 }
 
Example #21
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://localhost:33389/"), "dc=jbcpcalendar,dc=com");
}
 
Example #22
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://localhost:" + LDAP_PORT + "/"), "dc=jbcpcalendar,dc=com");
}
 
Example #23
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://localhost:" + LDAP_PORT + "/"), "dc=jbcpcalendar,dc=com");
}
 
Example #24
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://localhost:" + LDAP_PORT + "/"), "dc=jbcpcalendar,dc=com");
}
 
Example #25
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
/**
 * LDAP Server Context
 * @return
 */
@Bean
public DefaultSpringSecurityContextSource contextSource() {
    return new DefaultSpringSecurityContextSource(
            Arrays.asList("ldap://localhost:" + LDAP_PORT + "/"), "dc=jbcpcalendar,dc=com");
}
 
Example #26
Source File: WebSecurityConfig.java    From taskana with Apache License 2.0 4 votes vote down vote up
@Bean
public DefaultSpringSecurityContextSource defaultSpringSecurityContextSource() {
  return new DefaultSpringSecurityContextSource(ldapServerUrl + "/" + ldapBaseDn);
}
 
Example #27
Source File: WebSecurityConfig.java    From taskana with Apache License 2.0 4 votes vote down vote up
@Bean
public DefaultSpringSecurityContextSource defaultSpringSecurityContextSource() {
  return new DefaultSpringSecurityContextSource(ldapServerUrl + "/" + ldapBaseDn);
}