Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added extra FAQ on "Bad Credentials" message and on testing LDAP authentication. Minor mods to LDAP doc.

This commit is contained in:
Luke Taylor 2011-03-29 15:30:08 +01:00
parent 78d5495945
commit 9c88576992
2 changed files with 801 additions and 590 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1373
docs/faq/src/docbook/faq.xml
View File

File diff suppressed because it is too large Load Diff

18
docs/manual/src/docbook/ldap-auth-provider.xml
View File

@ -32,12 +32,15 @@
<listitem> <listitem>
<para>Obtaining the unique LDAP <quote>Distinguished Name</quote>, or DN, from the <para>Obtaining the unique LDAP <quote>Distinguished Name</quote>, or DN, from the
login name. This will often mean performing a search in the directory, unless login name. This will often mean performing a search in the directory, unless
the exact mapping of usernames to DNs is known in advance.</para> the exact mapping of usernames to DNs is known in advance. So a user might enter
the name <quote>joe</quote> when logging in, but the actual name used to
authenticate to LDAP will be the full DN, such as
<literal>uid=joe,ou=users,dc=springsource,dc=com</literal>.</para>
</listitem> </listitem>
<listitem> <listitem>
<para>Authenticating the user, either by binding as that user or by performing a <para>Authenticating the user, either by <quote>binding</quote> as that user or by
remote <quote>compare</quote> operation of the user's password against the performing a remote <quote>compare</quote> operation of the user's password
password attribute in the directory entry for the DN.</para> against the password attribute in the directory entry for the DN.</para>
</listitem> </listitem>
<listitem> <listitem>
<para>Loading the list of authorities for the user.</para> <para>Loading the list of authorities for the user.</para>
@ -100,9 +103,10 @@
]]></programlisting> If used with the server definition above, this would ]]></programlisting> If used with the server definition above, this would
perform a search under the DN <literal>ou=people,dc=springframework,dc=org</literal> perform a search under the DN <literal>ou=people,dc=springframework,dc=org</literal>
using the value of the <literal>user-search-filter</literal> attribute as a filter. using the value of the <literal>user-search-filter</literal> attribute as a filter.
Again the user login name is substituted for the parameter in the filter name. If Again the user login name is substituted for the parameter in the filter name, so it
<literal>user-search-base</literal> isn't supplied, the search will be performed will search for an entry with the <literal>uid</literal> attribute equal to the user
from the root. </para> name. If <literal>user-search-base</literal> isn't supplied, the search will be
performed from the root. </para>
</section> </section>
<section> <section>
<info> <info>