This week's book giveaway is in the OO, Patterns, UML and Refactoring forum.
We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line!
See this thread for details.
The moose likes Security and the fly likes Spring Security 3.1 help required for ldap authorisation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

JavaRanch » Java Forums » Engineering » Security
Bookmark "Spring Security 3.1 help required for ldap authorisation" Watch "Spring Security 3.1 help required for ldap authorisation" New topic

Spring Security 3.1 help required for ldap authorisation

Ankan Dutta

Joined: Apr 12, 2012
Posts: 1

I am facing a small problem spring security. In my case ldap authentication is working but the authorisation is not working somehow. Here is what I am doing.

And in my application-context.xml I have defined my ldap authentication provider entry as follows ..

<bean id="opendsAuthenticationProvider"
class=" ation.LdapAuthenticationProvider">
class=" ation.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
class=" ls.DefaultLdapAuthoritiesPopulator">
<constructor-arg ref="contextSource" />
<constructor-arg value="ou=Groups" />
<property name="groupRoleAttribute" value="cn" />
<property name="searchSubtree" value="false" />
<property name="rolePrefix" value="" />
<property name="convertToUpperCase" value="false" />

My ldap has the following entry for the developer group ..

dn: ou=Groups,dc=example,dc=com
description: Group ou
objectClass: organizationalUnit
objectClass: top
ou: Groups

dn: cn=developer,ou=Groups,dc=example,dc=com
cn: developer
objectClass: top
objectClass: groupOfUniqueNames
uniqueMember: uid=johnsmith,ou=People,dc=example,dc=com

Now when in application-security I am writing the following
<http use-expressions="true">
<intercept-url pattern="/pages/**" access="hasRole('developer')" />
<authentication-provider ref="opendsAuthenticationProvider" />

application is not allowing even johnsmith to view pages matching "/pages/**". Can anybody please help.
I agree. Here's the link:
subject: Spring Security 3.1 help required for ldap authorisation
jQuery in Action, 3rd edition