
How to add objectclass and custom attribute to LDIF file?


I am using LDAP authentication in spring-security. For some reason I don't have an LDAP server and I have configured my spring-security.xml to use the LDIF file.

I need to add a custom attribute, called type for the users. So I created an objectclass and an attributetypes as mentioned here.

The LDIF file looks like:

dn: cn=subschemasubentry 
changetype: modify 
add: attributetypes 
attributetypes: ( 1.2.3.4.5.6.7 NAME 'type' DESC 'New attribute definition'  
 EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) 

dn: cn=subschemasubentry
changetype: modify
add: objectClasses
objectClasses: ( 1.2.3.4.56789.1.0.200 NAME 'testUser' 
 SUP ( inetOrgPerson ) STRUCTURAL
 MUST cn 
 MAY type )

dn: ou=users,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: users

dn: uid=testuser1,ou=users,dc=springframework,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: testUser
mail: test1@test.com
cn: Some Name
sn: someName
uid: someId
type: someType
userPassword: pass1

However, this fails with NameNotFoundException when I try to use some REST call (protected by spring-security), with the error:

LDAP: error code 32 - NO_SUCH_OBJECT: 
...
...
Attempt to search under non-existant entry: ou=users,dc=springframework,dc=org];
nested exception is javax.naming.NameNotFoundException:

If I remove the custom attribute and the custom objectclass, and change the user data to objectclass: inetOrgPerson, it works fine.

How can I add the objectclass and the attributes then?


Solution

  • I was trying to use the schema in LDIF files, which was wrong. I used ApacheDS to create a new schema with the custom attributes and custom objectclass. Then exported them to LDIF.

    The resulting LDIF I added to the LDIF file used for spring-security.

    It is another matter that spring still does not read the new attributes from entries even when it reads the object classes.
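
The answer describes defining the schema in ApacheDS and exporting it, instead of sending `changetype: modify` records to cn=subschemasubentry. As an added illustration (not the answerer's exported file), this is the general shape of the question's attribute type and object class written as ApacheDS meta-schema entries under ou=schema. The schema name `customschema` is a hypothetical placeholder; the OIDs, names and syntax are the ones from the question.

```ldif
# Added example. "customschema" is a hypothetical schema name.
dn: cn=customschema,ou=schema
objectclass: metaSchema
objectclass: top
cn: customschema
m-dependencies: system
m-dependencies: core
m-dependencies: inetorgperson

dn: ou=attributetypes,cn=customschema,ou=schema
objectclass: organizationalUnit
objectclass: top
ou: attributetypes

# Attribute type 'type' from the question, as a schema entry
dn: m-oid=1.2.3.4.5.6.7,ou=attributetypes,cn=customschema,ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.2.3.4.5.6.7
m-name: type
m-description: New attribute definition
m-equality: caseIgnoreMatch
m-syntax: 1.3.6.1.4.1.1466.115.121.1.15

dn: ou=objectclasses,cn=customschema,ou=schema
objectclass: organizationalUnit
objectclass: top
ou: objectclasses

# Object class 'testUser' from the question, as a schema entry
dn: m-oid=1.2.3.4.56789.1.0.200,ou=objectclasses,cn=customschema,ou=schema
objectclass: metaObjectClass
objectclass: metaTop
objectclass: top
m-oid: 1.2.3.4.56789.1.0.200
m-name: testUser
m-supObjectClass: inetOrgPerson
m-typeObjectClass: STRUCTURAL
m-must: cn
m-may: type

# The question's ou=users and uid=testuser1 entries follow the schema entries.
```

These are ordinary content entries with no `changetype` lines, so they can sit in the same file as the directory data, ahead of the entries that use `testUser`.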