Please take a look on configuration as shown below:
ldap.urls=ldap://***.***.local:8389
ldap.base.dn=dc=test,dc=com
ldap.user.dn.pattern=(&(objectClass=user)(userPrincipalName={0})(memberof=CN=Group Name,OU=***,OU=****,DC=test,DC=com))
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final static Logger log = LogManager.getLogger(WebSecurityConfig.class);
@Value("${ldap.url}")
private String ldapUrl;
@Value("${ldap.base.dn}")
private String ldapDomain;
@Value("${ldap.user.dn.pattern}")
private String ldapUserDnPattern;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
ActiveDirectoryLdapAuthenticationProvider adProvider = new ActiveDirectoryLdapAuthenticationProvider(
this.ldapDomain, this.ldapUrl);
adProvider.setConvertSubErrorCodesToExceptions(true);
adProvider.setUseAuthenticationRequestCredentials(true);
// Checks with the Distinguished Name pattern provided
if (this.ldapUserDnPattern != null && this.ldapUserDnPattern.trim().length() > 0) {
adProvider.setSearchFilter(this.ldapUserDnPattern);
}
auth.authenticationProvider(adProvider);
}
}
Can someone please tell me how to specify the userDn and password while configuring using ActiveDirectoryLdapAuthenticationProvider?
define ldap.domain=test.com in your properties.
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final static Logger log = LogManager.getLogger(WebSecurityConfig.class);
@Value("${ldap.url}")
private String ldapUrl;
@Value("${ldap.base.dn}")
private String ldapBaseDN;
@Value("${ldap.domain}")
private String ldapDomain;
@Value("${ldap.user.dn.pattern}")
private String ldapUserDnPattern;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
ActiveDirectoryLdapAuthenticationProvider adProvider = new ActiveDirectoryLdapAuthenticationProvider(
this.ldapDomain, this.ldapUrl, this.ldapBaseDN);
adProvider.setConvertSubErrorCodesToExceptions(true);
adProvider.setUseAuthenticationRequestCredentials(true);
// Checks with the Distinguished Name pattern provided
if (this.ldapUserDnPattern != null && this.ldapUserDnPattern.trim().length() > 0) {
adProvider.setSearchFilter(this.ldapUserDnPattern);
}
auth.authenticationProvider(adProvider);
}
}