LDAP-Authentication with Active Directory
Saturday, June 23, 2007
This post describes how to integrate Spring/AppFuse applications with a Windows Active Directory server (tested with Windows 2003 server).
Define LDAP beans
To enable LDAP authentication some beans need to be defined in security.xml Some parameters have to be changed to match your LDAP structure. Especially the OUs where your users reside are likely to be modified. To get an overview over your LDAP directory, there's a nice little tool called Softerra LDAP browser.Enable LDAP beans
This one's really easy, you just have to add the ldapAuthenticationProvider to the authenticationManager: Looking at this example you see another nice Spring security feature: It's easy to use multiple authentication providers at the same time. In this case, a DB based authentication manager works side by side with the LDAP authentication manager, so users can be defined in both sources. Spring security will just ask one provider after another until it finds the user or finally fails.
Subscribe to:
Post Comments (Atom)
Post a Comment