I am using Spring Security 3.1.0M2 and LDAP 1.3.1, the most current as of this date, to authenticate users via a login form. I am trying to determine if it is possible to eliminate the need for an admin/mgr account, as declared below in the DefaultSpringSecurityContextSource. On our LDAP server, all users are able to connect to and query the server, so there is no need for an admin account to do this and this is actually undesirable for our company needs. Can anyone state that this is definitely not possible with Spring Security, or if it is possible point me to either configuration or code to accomplish this?
I am successfully authenticating users with the following Spring configuration:
-=> Gregg <=-
It might be possible with Spring's Expression Language. Spring Security supports the expression language.
Or you can always customize Spring Security to do this. In this case, those Spring LDAP classes can be extended or I am sure there is an interface that you can implement and then you write custom code in the setUserDn or setPassword methods, but it might also entail overriding methods in the other LDAP classes that reference the "ldapServer" bean and then take the data coming in through the Http request from the login form.