SEC-271: added ldap authentication parser
This commit is contained in:
parent
1dfc2baea2
commit
c658efbc69
|
@ -7,7 +7,7 @@
|
||||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
|
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/commons-collections/commons-collections/3.1/commons-collections-3.1.jar" sourcepath="M2_REPO/commons-collections/commons-collections/3.1/commons-collections-3.1-sources.jar"/>
|
<classpathentry kind="var" path="M2_REPO/commons-collections/commons-collections/3.1/commons-collections-3.1.jar" sourcepath="M2_REPO/commons-collections/commons-collections/3.1/commons-collections-3.1-sources.jar"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/cas/casclient/2.0.11/casclient-2.0.11.jar"/>
|
<classpathentry kind="var" path="M2_REPO/cas/casclient/2.0.11/casclient-2.0.11.jar"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-beans/2.0.4/spring-beans-2.0.4.jar"/>
|
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-beans/2.0.4/spring-beans-2.0.4.jar" sourcepath="/spring"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/jdbm/jdbm/1.0/jdbm-1.0.jar"/>
|
<classpathentry kind="var" path="M2_REPO/jdbm/jdbm/1.0/jdbm-1.0.jar"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/shared/shared-asn1/0.9.5.3/shared-asn1-0.9.5.3.jar"/>
|
<classpathentry kind="var" path="M2_REPO/org/apache/directory/shared/shared-asn1/0.9.5.3/shared-asn1-0.9.5.3.jar"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-support/2.0.4/spring-support-2.0.4.jar"/>
|
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-support/2.0.4/spring-support-2.0.4.jar"/>
|
||||||
|
@ -39,6 +39,6 @@
|
||||||
<classpathentry kind="var" path="M2_REPO/org/acegisecurity/acegi-security/1.0.5-SNAPSHOT/acegi-security-1.0.5-SNAPSHOT.jar" sourcepath="M2_REPO/org/acegisecurity/acegi-security/1.0.5-SNAPSHOT/acegi-security-1.0.5-SNAPSHOT-sources.jar"/>
|
<classpathentry kind="var" path="M2_REPO/org/acegisecurity/acegi-security/1.0.5-SNAPSHOT/acegi-security-1.0.5-SNAPSHOT.jar" sourcepath="M2_REPO/org/acegisecurity/acegi-security/1.0.5-SNAPSHOT/acegi-security-1.0.5-SNAPSHOT-sources.jar"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/org/apache/directory/server/apacheds-core-shared/1.0.0/apacheds-core-shared-1.0.0.jar"/>
|
<classpathentry kind="var" path="M2_REPO/org/apache/directory/server/apacheds-core-shared/1.0.0/apacheds-core-shared-1.0.0.jar"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/net/sf/ehcache/ehcache/1.2.4/ehcache-1.2.4.jar" sourcepath="M2_REPO/net/sf/ehcache/ehcache/1.2.4/ehcache-1.2.4-sources.jar"/>
|
<classpathentry kind="var" path="M2_REPO/net/sf/ehcache/ehcache/1.2.4/ehcache-1.2.4.jar" sourcepath="M2_REPO/net/sf/ehcache/ehcache/1.2.4/ehcache-1.2.4-sources.jar"/>
|
||||||
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-core/2.0.4/spring-core-2.0.4.jar" sourcepath="/spring"/>
|
<classpathentry kind="var" path="M2_REPO/org/springframework/spring-core/2.0.4/spring-core-2.0.4.jar"/>
|
||||||
<classpathentry kind="output" path="target/classes"/>
|
<classpathentry kind="output" path="target/classes"/>
|
||||||
</classpath>
|
</classpath>
|
||||||
|
|
|
@ -1,23 +1,25 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<projectDescription>
|
<projectDescription>
|
||||||
<name>spring-security-config</name>
|
<name>spring-security-config</name>
|
||||||
<comment>Acegi Security System for Spring</comment>
|
<comment>Acegi Security System for Spring</comment>
|
||||||
<projects/>
|
<projects>
|
||||||
<buildSpec>
|
</projects>
|
||||||
<buildCommand>
|
<buildSpec>
|
||||||
<name>org.eclipse.jdt.core.javabuilder</name>
|
<buildCommand>
|
||||||
</buildCommand>
|
<name>org.eclipse.jdt.core.javabuilder</name>
|
||||||
<buildCommand>
|
<arguments>
|
||||||
<name>org.eclipse.wst.validation.validationbuilder</name>
|
</arguments>
|
||||||
</buildCommand>
|
</buildCommand>
|
||||||
<buildCommand>
|
<buildCommand>
|
||||||
<name>org.springframework.ide.eclipse.core.springbuilder</name>
|
<name>org.eclipse.wst.validation.validationbuilder</name>
|
||||||
</buildCommand>
|
<arguments>
|
||||||
</buildSpec>
|
</arguments>
|
||||||
<natures>
|
</buildCommand>
|
||||||
<nature>org.springframework.ide.eclipse.core.springnature</nature>
|
</buildSpec>
|
||||||
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
|
<natures>
|
||||||
<nature>org.eclipse.jdt.core.javanature</nature>
|
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
|
||||||
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
|
<nature>org.eclipse.jdt.core.javanature</nature>
|
||||||
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
|
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
|
||||||
</natures>
|
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
|
||||||
</projectDescription>
|
</natures>
|
||||||
|
</projectDescription>
|
||||||
|
|
|
@ -2,5 +2,5 @@
|
||||||
<fixed facet="jst.java"/>
|
<fixed facet="jst.java"/>
|
||||||
<fixed facet="jst.utility"/>
|
<fixed facet="jst.utility"/>
|
||||||
<installed facet="jst.utility" version="1.0"/>
|
<installed facet="jst.utility" version="1.0"/>
|
||||||
<installed facet="jst.java" version="1.3"/>
|
<installed facet="jst.java" version="5.0"/>
|
||||||
</faceted-project>
|
</faceted-project>
|
|
@ -13,7 +13,13 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
package org.acegisecurity.config;
|
package org.acegisecurity.config;
|
||||||
|
|
||||||
|
import org.acegisecurity.ldap.DefaultInitialDirContextFactory;
|
||||||
import org.acegisecurity.providers.ProviderManager;
|
import org.acegisecurity.providers.ProviderManager;
|
||||||
|
import org.acegisecurity.providers.ldap.LdapAuthenticationProvider;
|
||||||
|
import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator;
|
||||||
|
import org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator;
|
||||||
|
import org.acegisecurity.util.BeanDefinitionParserUtils;
|
||||||
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
import org.springframework.beans.factory.config.RuntimeBeanReference;
|
||||||
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
import org.springframework.beans.factory.support.AbstractBeanDefinition;
|
||||||
import org.springframework.beans.factory.support.ManagedList;
|
import org.springframework.beans.factory.support.ManagedList;
|
||||||
|
@ -23,14 +29,15 @@ import org.springframework.beans.factory.xml.BeanDefinitionParser;
|
||||||
import org.springframework.beans.factory.xml.ParserContext;
|
import org.springframework.beans.factory.xml.ParserContext;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
import org.springframework.util.StringUtils;
|
import org.springframework.util.StringUtils;
|
||||||
|
import org.springframework.util.xml.DomUtils;
|
||||||
import org.w3c.dom.Element;
|
import org.w3c.dom.Element;
|
||||||
import org.w3c.dom.Node;
|
import org.w3c.dom.Node;
|
||||||
import org.w3c.dom.NodeList;
|
import org.w3c.dom.NodeList;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* * {@link BeanDefinitionParser} for the <code>authentication-mechanism</code> tag,
|
* * {@link BeanDefinitionParser} for the <code>authentication-mechanism</code>
|
||||||
* resolves to {@link org.acegisecurity.providers.ProviderManager} </br>
|
* tag, resolves to {@link org.acegisecurity.providers.ProviderManager} </br>
|
||||||
|
*
|
||||||
* @author vpuri
|
* @author vpuri
|
||||||
* @see {@link org.springframework.beans.factory.BeanFactory}
|
* @see {@link org.springframework.beans.factory.BeanFactory}
|
||||||
* @see {@link org.acegisecurity.providers.ProviderManager}
|
* @see {@link org.acegisecurity.providers.ProviderManager}
|
||||||
|
@ -42,6 +49,8 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef
|
||||||
// ================================================================================================
|
// ================================================================================================
|
||||||
|
|
||||||
private static final String AUTHENTICATION_JDBC = "authentication-jdbc";
|
private static final String AUTHENTICATION_JDBC = "authentication-jdbc";
|
||||||
|
|
||||||
|
private static final String AUTHENTICATION_LDAP="authentication-ldap";
|
||||||
|
|
||||||
private static final String REF = "ref";
|
private static final String REF = "ref";
|
||||||
|
|
||||||
|
@ -59,7 +68,7 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef
|
||||||
|
|
||||||
if (node.getNodeType() == Node.ELEMENT_NODE) {
|
if (node.getNodeType() == Node.ELEMENT_NODE) {
|
||||||
Element childElement = (Element) node;
|
Element childElement = (Element) node;
|
||||||
//this.providerExists = true;
|
// this.providerExists = true;
|
||||||
|
|
||||||
if (AUTHENTICATION_JDBC.equals(node.getLocalName())) {
|
if (AUTHENTICATION_JDBC.equals(node.getLocalName())) {
|
||||||
String attribute = childElement.getAttribute(REF);
|
String attribute = childElement.getAttribute(REF);
|
||||||
|
@ -67,15 +76,16 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef
|
||||||
// create a beandefinition
|
// create a beandefinition
|
||||||
providers.add(new RuntimeBeanReference(attribute));
|
providers.add(new RuntimeBeanReference(attribute));
|
||||||
}
|
}
|
||||||
|
} else if (AUTHENTICATION_LDAP.equals(node.getLocalName())){
|
||||||
|
providers.add(createLdapAuthencticationProviderBeanDefinition(childElement, parserContext));
|
||||||
}
|
}
|
||||||
// TODO:Add other providers here
|
|
||||||
}
|
}
|
||||||
authMechanismBeanDef.getPropertyValues().addPropertyValue("providers", providers);
|
authMechanismBeanDef.getPropertyValues().addPropertyValue("providers", providers);
|
||||||
|
|
||||||
}
|
}
|
||||||
return authMechanismBeanDef;
|
return authMechanismBeanDef;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates a default bean definition.
|
* Creates a default bean definition.
|
||||||
* @return
|
* @return
|
||||||
|
@ -83,12 +93,51 @@ public class AuthenticationMechanismBeanDefinitionParser extends AbstractBeanDef
|
||||||
protected static RootBeanDefinition createAndRegisterBeanDefinitionWithDefaults(ParserContext parserContext) {
|
protected static RootBeanDefinition createAndRegisterBeanDefinitionWithDefaults(ParserContext parserContext) {
|
||||||
RootBeanDefinition beanDefinition = new RootBeanDefinition(ProviderManager.class);
|
RootBeanDefinition beanDefinition = new RootBeanDefinition(ProviderManager.class);
|
||||||
ManagedList providers = new ManagedList();
|
ManagedList providers = new ManagedList();
|
||||||
// create authentication-repository (DaoAuthenticationProvider) and add that to list
|
// create authentication-repository (DaoAuthenticationProvider) and add
|
||||||
|
// that to list
|
||||||
RootBeanDefinition authRepo = AuthenticationRepositoryBeanDefinitionParser.createBeanDefinitionWithDefaults();
|
RootBeanDefinition authRepo = AuthenticationRepositoryBeanDefinitionParser.createBeanDefinitionWithDefaults();
|
||||||
providers.add(authRepo);
|
providers.add(authRepo);
|
||||||
beanDefinition.getPropertyValues().addPropertyValue("providers", providers);
|
beanDefinition.getPropertyValues().addPropertyValue("providers", providers);
|
||||||
parserContext.getReaderContext().registerWithGeneratedName(beanDefinition);
|
parserContext.getReaderContext().registerWithGeneratedName(beanDefinition);
|
||||||
return beanDefinition;
|
return beanDefinition;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected static RootBeanDefinition createLdapAuthencticationProviderBeanDefinition(Element element,
|
||||||
|
ParserContext parserContext) {
|
||||||
|
// element ldap
|
||||||
|
RootBeanDefinition ldapAuthProvider = new RootBeanDefinition(LdapAuthenticationProvider.class);
|
||||||
|
RootBeanDefinition initialDirContextFactory = createInitialDirContextFactoryBeanDefinition(element);
|
||||||
|
RootBeanDefinition ldapAuthoritiesPopulator = new RootBeanDefinition(DefaultLdapAuthoritiesPopulator.class);
|
||||||
|
|
||||||
|
RootBeanDefinition bindAuthenticator = new RootBeanDefinition(BindAuthenticator.class);
|
||||||
|
Element property = DomUtils.getChildElementByTagName(element, "property");
|
||||||
|
Assert.notNull(property);
|
||||||
|
parserContext.getDelegate().parsePropertyElement(property, bindAuthenticator);
|
||||||
|
bindAuthenticator.getConstructorArgumentValues().addIndexedArgumentValue(0, initialDirContextFactory);
|
||||||
|
|
||||||
|
// LdapAuthenticator
|
||||||
|
ldapAuthProvider.getConstructorArgumentValues().addIndexedArgumentValue(0, bindAuthenticator);
|
||||||
|
|
||||||
|
ldapAuthoritiesPopulator.getConstructorArgumentValues().addIndexedArgumentValue(0, initialDirContextFactory);
|
||||||
|
BeanDefinitionParserUtils.setConstructorArgumentIfAvailable(1, element, "groupSearchBase", false,
|
||||||
|
ldapAuthoritiesPopulator);
|
||||||
|
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "groupRoleAttribute", "groupRoleAttribute", ldapAuthoritiesPopulator);
|
||||||
|
|
||||||
|
//LdapAuthoritiesPopulator
|
||||||
|
ldapAuthProvider.getConstructorArgumentValues().addIndexedArgumentValue(1, ldapAuthoritiesPopulator);
|
||||||
|
|
||||||
|
return ldapAuthProvider;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private static RootBeanDefinition createInitialDirContextFactoryBeanDefinition(Element element) {
|
||||||
|
RootBeanDefinition initialDirContextFactory = new RootBeanDefinition(DefaultInitialDirContextFactory.class);
|
||||||
|
BeanDefinitionParserUtils.setConstructorArgumentIfAvailable(0, element, "ldapUrl", false,
|
||||||
|
initialDirContextFactory);
|
||||||
|
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "managerDn", "managerDn", initialDirContextFactory);
|
||||||
|
BeanDefinitionParserUtils.setPropertyIfAvailable(element, "managerPassword", "managerPassword",
|
||||||
|
initialDirContextFactory);
|
||||||
|
return initialDirContextFactory;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,42 @@
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
package org.acegisecurity.util;
|
||||||
|
|
||||||
|
import org.springframework.beans.factory.config.RuntimeBeanNameReference;
|
||||||
|
import org.springframework.beans.factory.support.BeanDefinitionReaderUtils;
|
||||||
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
|
import org.springframework.util.StringUtils;
|
||||||
|
import org.w3c.dom.Element;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Vishal Puri
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
public class BeanDefinitionParserUtils {
|
||||||
|
/**
|
||||||
|
* Prevents instantiation
|
||||||
|
*/
|
||||||
|
private BeanDefinitionParserUtils() {
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void setConstructorArgumentIfAvailable(int index, Element element, String attribute,
|
||||||
|
boolean isRunTimeBeanReference, RootBeanDefinition definition) {
|
||||||
|
String propertyValue = element.getAttribute(attribute);
|
||||||
|
if (StringUtils.hasText(propertyValue)) {
|
||||||
|
if(!isRunTimeBeanReference){
|
||||||
|
definition.getConstructorArgumentValues().addIndexedArgumentValue(index, propertyValue);
|
||||||
|
} else {
|
||||||
|
definition.getConstructorArgumentValues().addIndexedArgumentValue(index, new RuntimeBeanNameReference(propertyValue));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void setPropertyIfAvailable(Element element, String attribute, String property,
|
||||||
|
RootBeanDefinition definition) {
|
||||||
|
String propertyValue = element.getAttribute(attribute);
|
||||||
|
if (StringUtils.hasText(propertyValue)) {
|
||||||
|
definition.getPropertyValues().addPropertyValue(property, propertyValue);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -3,11 +3,13 @@
|
||||||
<xsd:schema xmlns="http://www.springframework.org/schema/security"
|
<xsd:schema xmlns="http://www.springframework.org/schema/security"
|
||||||
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
|
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
|
||||||
targetNamespace="http://www.springframework.org/schema/security"
|
targetNamespace="http://www.springframework.org/schema/security"
|
||||||
|
xmlns:beans="http://www.springframework.org/schema/beans"
|
||||||
elementFormDefault="qualified" attributeFormDefault="unqualified">
|
elementFormDefault="qualified" attributeFormDefault="unqualified">
|
||||||
|
|
||||||
|
<xsd:import namespace="http://www.springframework.org/schema/beans" />
|
||||||
<xsd:element name="autoconfig"/>
|
|
||||||
|
<xsd:element name="autoconfig" />
|
||||||
|
|
||||||
<xsd:element name="session-context-integration">
|
<xsd:element name="session-context-integration">
|
||||||
<xsd:complexType>
|
<xsd:complexType>
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
<xsd:attribute name="id" type="xsd:ID">
|
||||||
|
@ -88,13 +90,14 @@
|
||||||
<xsd:element name="authentication-remember-me-filter"
|
<xsd:element name="authentication-remember-me-filter"
|
||||||
type="RememberMeFilter">
|
type="RememberMeFilter">
|
||||||
<xsd:annotation>
|
<xsd:annotation>
|
||||||
<xsd:documentation source="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
|
<xsd:documentation
|
||||||
<![CDATA[
|
source="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
|
||||||
|
<![CDATA[
|
||||||
makes the filter, but does little else, as it auto-detects everything
|
makes the filter, but does little else, as it auto-detects everything
|
||||||
]]>
|
]]>
|
||||||
</xsd:documentation>
|
</xsd:documentation>
|
||||||
</xsd:annotation>
|
</xsd:annotation>
|
||||||
</xsd:element>
|
</xsd:element>
|
||||||
|
|
||||||
<xsd:complexType name="RememberMeFilter">
|
<xsd:complexType name="RememberMeFilter">
|
||||||
<xsd:attribute name="id" type="xsd:ID">
|
<xsd:attribute name="id" type="xsd:ID">
|
||||||
|
@ -289,12 +292,61 @@
|
||||||
]]>
|
]]>
|
||||||
</xsd:documentation>
|
</xsd:documentation>
|
||||||
</xsd:annotation>
|
</xsd:annotation>
|
||||||
|
|
||||||
<xsd:complexType>
|
<xsd:complexType>
|
||||||
<xsd:attribute name="ref" type="xsd:string">
|
|
||||||
|
<xsd:sequence>
|
||||||
|
<xsd:element name="property">
|
||||||
|
<xsd:complexType>
|
||||||
|
<xsd:complexContent>
|
||||||
|
<xsd:extension base="beans:propertyType"></xsd:extension>
|
||||||
|
</xsd:complexContent>
|
||||||
|
</xsd:complexType>
|
||||||
|
</xsd:element>
|
||||||
|
</xsd:sequence>
|
||||||
|
|
||||||
|
<xsd:attribute name="ldapUrl" type="xsd:string">
|
||||||
<xsd:annotation>
|
<xsd:annotation>
|
||||||
<xsd:documentation>
|
<xsd:documentation>
|
||||||
<![CDATA[
|
<![CDATA[
|
||||||
A short-cut alternative to a nested "<ref bean='...'/>" element.
|
The LDAP url of the server (and root context) to connect to.
|
||||||
|
]]>
|
||||||
|
</xsd:documentation>
|
||||||
|
</xsd:annotation>
|
||||||
|
</xsd:attribute>
|
||||||
|
<xsd:attribute name="managerDn" type="xsd:string">
|
||||||
|
<xsd:annotation>
|
||||||
|
<xsd:documentation>
|
||||||
|
<![CDATA[
|
||||||
|
The LDAP url of the server (and root context) to connect to.
|
||||||
|
]]>
|
||||||
|
</xsd:documentation>
|
||||||
|
</xsd:annotation>
|
||||||
|
</xsd:attribute>
|
||||||
|
<xsd:attribute name="managerPassword" type="xsd:string">
|
||||||
|
<xsd:annotation>
|
||||||
|
<xsd:documentation>
|
||||||
|
<![CDATA[
|
||||||
|
The manager user's password.
|
||||||
|
]]>
|
||||||
|
</xsd:documentation>
|
||||||
|
</xsd:annotation>
|
||||||
|
</xsd:attribute>
|
||||||
|
<xsd:attribute name="groupSearchBase" type="xsd:string">
|
||||||
|
<xsd:annotation>
|
||||||
|
<xsd:documentation>
|
||||||
|
<![CDATA[
|
||||||
|
|
||||||
|
]]>
|
||||||
|
</xsd:documentation>
|
||||||
|
</xsd:annotation>
|
||||||
|
</xsd:attribute>
|
||||||
|
<xsd:attribute name="groupRoleAttribute"
|
||||||
|
type="xsd:string">
|
||||||
|
<xsd:annotation>
|
||||||
|
<xsd:documentation>
|
||||||
|
<![CDATA[
|
||||||
|
|
||||||
]]>
|
]]>
|
||||||
</xsd:documentation>
|
</xsd:documentation>
|
||||||
</xsd:annotation>
|
</xsd:annotation>
|
||||||
|
@ -475,4 +527,5 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</xsd:schema>
|
</xsd:schema>
|
|
@ -0,0 +1,52 @@
|
||||||
|
package org.acegisecurity.config;
|
||||||
|
|
||||||
|
import junit.framework.TestCase;
|
||||||
|
|
||||||
|
import org.acegisecurity.ldap.InitialDirContextFactory;
|
||||||
|
import org.acegisecurity.providers.ldap.LdapAuthenticationProvider;
|
||||||
|
import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator;
|
||||||
|
import org.springframework.beans.PropertyValue;
|
||||||
|
import org.springframework.beans.PropertyValues;
|
||||||
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
|
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
|
||||||
|
import org.springframework.beans.factory.config.ConstructorArgumentValues.ValueHolder;
|
||||||
|
import org.springframework.beans.factory.support.ManagedList;
|
||||||
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
|
import org.springframework.context.ApplicationContext;
|
||||||
|
import org.springframework.context.support.ClassPathXmlApplicationContext;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Vishal Puri
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
public class LdapAuthenticationProviderBeanDefinitionParserTests extends TestCase {
|
||||||
|
|
||||||
|
public void testBeanDefinitionCreation() {
|
||||||
|
ApplicationContext context = new ClassPathXmlApplicationContext("org/acegisecurity/config/ldap-config.xml");
|
||||||
|
ConfigurableListableBeanFactory bf = (ConfigurableListableBeanFactory) context.getAutowireCapableBeanFactory();
|
||||||
|
BeanDefinition def = (RootBeanDefinition) bf.getBeanDefinition("authenticationManager");
|
||||||
|
assertNotNull(def);
|
||||||
|
PropertyValues values = def.getPropertyValues();
|
||||||
|
PropertyValue value = values.getPropertyValue("providers");
|
||||||
|
assertNotNull(value);
|
||||||
|
ManagedList list = (ManagedList) value.getValue();
|
||||||
|
assertEquals(1, list.size());
|
||||||
|
|
||||||
|
RootBeanDefinition definition = (RootBeanDefinition) list.get(0);
|
||||||
|
assertEquals(LdapAuthenticationProvider.class, definition.getBeanClass());
|
||||||
|
|
||||||
|
assertEquals(2, definition.getConstructorArgumentValues().getArgumentCount());
|
||||||
|
|
||||||
|
ValueHolder holder = definition.getConstructorArgumentValues().getArgumentValue(0, BindAuthenticator.class);
|
||||||
|
assertNotNull(holder.getConvertedValue() instanceof BindAuthenticator);
|
||||||
|
RootBeanDefinition authenticatorDefinition = (RootBeanDefinition) holder.getValue();
|
||||||
|
assertEquals(1, authenticatorDefinition.getConstructorArgumentValues().getArgumentCount());
|
||||||
|
|
||||||
|
RootBeanDefinition initialContextDir = (RootBeanDefinition) authenticatorDefinition
|
||||||
|
.getConstructorArgumentValues().getArgumentValue(0, InitialDirContextFactory.class).getValue();
|
||||||
|
assertEquals("cn=manager,dc=acegisecurity,dc=org", initialContextDir.getPropertyValues().getPropertyValue(
|
||||||
|
"managerDn").getValue());
|
||||||
|
assertEquals("ldap://monkeymachine:389/dc=acegisecurity,dc=org", initialContextDir.getConstructorArgumentValues()
|
||||||
|
.getArgumentValue(0, String.class).getValue());
|
||||||
|
}
|
||||||
|
}
|
|
@ -3,9 +3,7 @@
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
xmlns:security="http://www.springframework.org/schema/security"
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
||||||
|
|
|
@ -3,9 +3,7 @@
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
xmlns:security="http://www.springframework.org/schema/security"
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
||||||
|
|
|
@ -0,0 +1,73 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
|
||||||
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xmlns:security="http://www.springframework.org/schema/security"
|
||||||
|
xmlns:beans="http://www.springframework.org/schema/beans"
|
||||||
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
||||||
|
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
|
||||||
|
|
||||||
|
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
||||||
|
<!-- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd" -->
|
||||||
|
|
||||||
|
<!-- make it optional, if not supplied autodetect all auth-providers from app ctx, using Ordered to resolve their order -->
|
||||||
|
<security:authentication-mechanism id="authenticationManager">
|
||||||
|
<security:authentication-ldap
|
||||||
|
ldapUrl="ldap://monkeymachine:389/dc=acegisecurity,dc=org"
|
||||||
|
managerDn="cn=manager,dc=acegisecurity,dc=org"
|
||||||
|
managerPassword="password" groupSearchBase="ou=groups"
|
||||||
|
groupRoleAttribute="ou">
|
||||||
|
<security:property name="userDnPatterns">
|
||||||
|
<list>
|
||||||
|
<value>uid={0},ou=people</value>
|
||||||
|
</list>
|
||||||
|
</security:property>
|
||||||
|
</security:authentication-ldap>
|
||||||
|
</security:authentication-mechanism>
|
||||||
|
|
||||||
|
|
||||||
|
<!--<bean id="initialDirContextFactory"
|
||||||
|
class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
|
||||||
|
<constructor-arg
|
||||||
|
value="ldap://monkeymachine:389/dc=acegisecurity,dc=org" />
|
||||||
|
<property name="managerDn">
|
||||||
|
<value>cn=manager,dc=acegisecurity,dc=org</value>
|
||||||
|
</property>
|
||||||
|
<property name="managerPassword">
|
||||||
|
<value>password</value>
|
||||||
|
</property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
|
<bean id="ldapAuthProvider"
|
||||||
|
class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
|
||||||
|
<constructor-arg>
|
||||||
|
<bean
|
||||||
|
class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
|
||||||
|
<constructor-arg>
|
||||||
|
<ref local="initialDirContextFactory" />
|
||||||
|
</constructor-arg>
|
||||||
|
<property name="userDnPatterns">
|
||||||
|
<list>
|
||||||
|
<value>uid={0},ou=people</value>
|
||||||
|
</list>
|
||||||
|
</property>
|
||||||
|
</bean>
|
||||||
|
</constructor-arg>
|
||||||
|
<constructor-arg>
|
||||||
|
<bean
|
||||||
|
class="org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator">
|
||||||
|
<constructor-arg>
|
||||||
|
<ref local="initialDirContextFactory" />
|
||||||
|
</constructor-arg>
|
||||||
|
<constructor-arg>
|
||||||
|
<value>ou=groups</value>
|
||||||
|
</constructor-arg>
|
||||||
|
<property name="groupRoleAttribute">
|
||||||
|
<value>ou</value>
|
||||||
|
</property>
|
||||||
|
</bean>
|
||||||
|
</constructor-arg>
|
||||||
|
</bean>
|
||||||
|
-->
|
||||||
|
|
||||||
|
</beans>
|
|
@ -3,9 +3,7 @@
|
||||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
xmlns:security="http://www.springframework.org/schema/security"
|
xmlns:security="http://www.springframework.org/schema/security"
|
||||||
xmlns:util="http://www.springframework.org/schema/util"
|
|
||||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
|
||||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/beans/spring-util-2.0.xsd
|
|
||||||
http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd">
|
http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd">
|
||||||
|
|
||||||
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
<!-- http://www.springframework.org/schema/security file:/Users/vpuri/interface21/acegisecurity/trunk/acegisecurity/core/src/main/resources/org/acegisecurity/config/spring-security-2.0.xsd -->
|
||||||
|
|
Loading…
Reference in New Issue