This week's book giveaways are in the Java EE and JavaScript forums.
We're giving away four copies each of The Java EE 7 Tutorial Volume 1 or Volume 2(winners choice) and jQuery UI in Action and have the authors on-line!
See this thread and this one for details.
The moose likes Security and the fly likes Spring Security 3.1 help required for ldap authorisation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Spring Security 3.1 help required for ldap authorisation" Watch "Spring Security 3.1 help required for ldap authorisation" New topic
Author

Spring Security 3.1 help required for ldap authorisation

Ankan Dutta
Greenhorn

Joined: Apr 12, 2012
Posts: 1
Hi,

I am facing a small problem spring security. In my case ldap authentication is working but the authorisation is not working somehow. Here is what I am doing.

And in my application-context.xml I have defined my ldap authentication provider entry as follows ..

<bean id="opendsAuthenticationProvider"
class="org.springframework.security.ldap.authentic ation.LdapAuthenticationProvider">
<constructor-arg>
<bean
class="org.springframework.security.ldap.authentic ation.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
<beans:list>
<beans:value>uid={0},ou=People</beans:value>
</beans:list>
</property>
</bean>
</constructor-arg>
<constructor-arg>
<bean
class="org.springframework.security.ldap.userdetai ls.DefaultLdapAuthoritiesPopulator">
<constructor-arg ref="contextSource" />
<constructor-arg value="ou=Groups" />
<property name="groupRoleAttribute" value="cn" />
<property name="searchSubtree" value="false" />
<property name="rolePrefix" value="" />
<property name="convertToUpperCase" value="false" />
</bean>
</constructor-arg>
</bean>


My ldap has the following entry for the developer group ..

dn: ou=Groups,dc=example,dc=com
description: Group ou
objectClass: organizationalUnit
objectClass: top
ou: Groups

dn: cn=developer,ou=Groups,dc=example,dc=com
cn: developer
objectClass: top
objectClass: groupOfUniqueNames
uniqueMember: uid=johnsmith,ou=People,dc=example,dc=com



Now when in application-security I am writing the following
<http use-expressions="true">
.....
<intercept-url pattern="/pages/**" access="hasRole('developer')" />
...
</http>
<authentication-manager>
<authentication-provider ref="opendsAuthenticationProvider" />
</authentication-manager>

application is not allowing even johnsmith to view pages matching "/pages/**". Can anybody please help.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Spring Security 3.1 help required for ldap authorisation