wood burning stoves 2.0*
The moose likes Security and the fly likes Spring Security 3.1 help required for ldap authorisation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Spring Security 3.1 help required for ldap authorisation" Watch "Spring Security 3.1 help required for ldap authorisation" New topic

Spring Security 3.1 help required for ldap authorisation

Ankan Dutta

Joined: Apr 12, 2012
Posts: 1

I am facing a small problem spring security. In my case ldap authentication is working but the authorisation is not working somehow. Here is what I am doing.

And in my application-context.xml I have defined my ldap authentication provider entry as follows ..

<bean id="opendsAuthenticationProvider"
class="org.springframework.security.ldap.authentic ation.LdapAuthenticationProvider">
class="org.springframework.security.ldap.authentic ation.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
class="org.springframework.security.ldap.userdetai ls.DefaultLdapAuthoritiesPopulator">
<constructor-arg ref="contextSource" />
<constructor-arg value="ou=Groups" />
<property name="groupRoleAttribute" value="cn" />
<property name="searchSubtree" value="false" />
<property name="rolePrefix" value="" />
<property name="convertToUpperCase" value="false" />

My ldap has the following entry for the developer group ..

dn: ou=Groups,dc=example,dc=com
description: Group ou
objectClass: organizationalUnit
objectClass: top
ou: Groups

dn: cn=developer,ou=Groups,dc=example,dc=com
cn: developer
objectClass: top
objectClass: groupOfUniqueNames
uniqueMember: uid=johnsmith,ou=People,dc=example,dc=com

Now when in application-security I am writing the following
<http use-expressions="true">
<intercept-url pattern="/pages/**" access="hasRole('developer')" />
<authentication-provider ref="opendsAuthenticationProvider" />

application is not allowing even johnsmith to view pages matching "/pages/**". Can anybody please help.
I agree. Here's the link: http://aspose.com/file-tools
subject: Spring Security 3.1 help required for ldap authorisation
Similar Threads
weblogic8.1 with open LDAP authentication
Issue with Spring LDAP/AD authentication
Spring/AD authentication ServiceUnavailableException ONLY on ssl 636, not 389
JBOSS LdapLoginModule authentication. Help needed for code to use LoginContext
WLS6.1 - Configuring realm for openLdap