
How to create LDAP JNDI for Spring Security?

 
Peter Saw
Greenhorn
Posts: 10
Right now we set the ldap contextsource in xml as below and it works fine.
<security:ldap-server id="ldapServerAuthentication" url="ldap://10.20.20.152:8389/dc=com"/>

We want to create it as a JNDI in JBoss 5.1.
Then use this in xml like <jee:jndi-lookup id="ldapServerAuthentication" jndi-name="ldap/ldapAuthentication"/>

So I created deploy/ldap-service.xml as below, which I found on the internet.

<?xml version="1.0" encoding="UTF-8"?>
<server>
  <mbean code="org.jboss.naming.ExternalContext" name="jboss.jndi:service=ExternalContext,jndiName=ldap/ldapAuthentication">
    <attribute name="JndiName">ldap/ldapAuthentication</attribute>
    <attribute name="Properties">
      java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
      java.naming.provider.url=ldap://10.20.20.152:8389/dc=com
      java.naming.security.credentials=modifier
      java.naming.security.principal=uid=modifier,ou=system,dc=com
    </attribute>
    <attribute name="InitialContext">javax.naming.ldap.InitialLdapContext</attribute>
    <attribute name="RemoteAccess">false</attribute>
  </mbean>
</server>


Anyway I got the error,
nested exception is java.lang.IllegalStateException: Cannot convert value of type [$Proxy142 implementing javax.naming.directory.DirContext,javax.naming.ldap.LdapContext,javax.naming.Context] to required type [org.springframework.ldap.core.support.BaseLdapPathContextSource]: no matching editors or conversion strategy found

I think that I should use some Spring LDAP classes to create the JNDI entry, or have to write the classes myself, but I can't find any document talking about that.
Can anyone please help me out? Thank you very much.
 
Bill Gorder
Bartender
Posts: 1682
 
Peter Saw
Greenhorn
Posts: 10
Thank you.
But I can't find any JNDI material there.
Do you have a document that talks about creating an LDAP JNDI entry for Spring?
 
Bill Gorder
Bartender
Posts: 1682
What are you trying to do?

Here are a couple links I found:
http://theglacier.hubpages.com/hub/Spring-ldap-authentication-example
https://jira.springsource.org/browse/SEC-871

If you are just trying to externalize the URL and password to JNDI, you could go the JMX route, but if you are using Spring 3.1, a JNDI property source is automatically registered for you, so you could just store the URL and password in there and access them through SpEL in your context file.
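
The approach suggested above, externalizing only the URL and bind credentials, can look like the following Spring context file (an added example, not part of the original post and not code from either poster). It uses jee:jndi-lookup for the string entries rather than the Spring 3.1 property source, and builds a real DefaultSpringSecurityContextSource from them, so the bean has the type that Spring Security expects and the bind password stays out of the application's XML. The three JNDI names and the search filter are assumptions made for illustration.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:jee="http://www.springframework.org/schema/jee"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
         http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee.xsd
         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

  <!-- Plain strings bound in the container's JNDI tree. These three names are
       hypothetical; they must match however the application server binds them. -->
  <jee:jndi-lookup id="ldapUrl" jndi-name="config/ldapUrl"
                   expected-type="java.lang.String"/>
  <jee:jndi-lookup id="ldapManagerDn" jndi-name="config/ldapManagerDn"
                   expected-type="java.lang.String"/>
  <jee:jndi-lookup id="ldapManagerPassword" jndi-name="config/ldapManagerPassword"
                   expected-type="java.lang.String"/>

  <!-- A Spring context source built from those strings. Unlike a raw
       javax.naming DirContext, this bean is a BaseLdapPathContextSource,
       so it can be referenced wherever Spring Security needs an LDAP server. -->
  <bean id="ldapServerAuthentication"
        class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <!-- Provider URL including the base DN, e.g. ldap://host:port/dc=com -->
    <constructor-arg ref="ldapUrl"/>
    <!-- Service account used for user searches -->
    <property name="userDn" ref="ldapManagerDn"/>
    <property name="password" ref="ldapManagerPassword"/>
  </bean>

  <security:authentication-manager>
    <!-- server-ref replaces the inline <security:ldap-server> element.
         The search filter is a constructed sample value. -->
    <security:ldap-authentication-provider
        server-ref="ldapServerAuthentication"
        user-search-filter="(uid={0})"/>
  </security:authentication-manager>
</beans>
```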
 
Peter Saw
Greenhorn
Posts: 10
Thank you Bill Gorder.
You gave me the alternative ideas.

Actually the way I did for the jndi is correct, it returns the javax.naming.directory.DirContext.
However the spring security <ldap-server> expects the org.springframework.ldap.core.support.BaseLdapPathContextSource (interface of DefaultSpringSecurityContextSource).
That's why the error message complains that the type does not match.

So I want to ask further question in another way.
Is there any way to convert javax.naming.directory.DirContext instance to org.springframework.ldap.core.support.BaseLdapPathContextSource instance?
It looks like I need a connection between the JDK LDAP implementation and the Spring LDAP implementation.
That will solve my problem as well.
I am thinking maybe I can write a new class which implements BaseLdapPathContextSource to make it work.
 
Peter Saw
Greenhorn
Posts: 10
I have tried this approach of writing a new class which implements BaseLdapPathContextSource.
I found that the interface methods in BaseLdapPathContextSource do nothing but return the Context.
getContext()
getReadOnlyContext()
getReadWriteContext();

Since I already have the instance of javax.naming.directory.DirContext from JNDI, I implemented these getContext methods to return it.
I did a few tests, and it works without issue.

I'm just not sure whether it's a proper approach.
If you think about the database DataSource, the JNDI lookup should return the ContextSource instead of the Context. This way could be better.

I found one discussion about this JNDI approach. That's what I want to know as well.
webpage
 
Peter Saw
Greenhorn
Posts: 10
I am checking this example to put property in the jndi.
http://theglacier.hubpages.com/hub/Spring-ldap-authentication-example

Then use this jndi lookup to get the property, <jee:jndi-lookup id="ldapServer" jndi-name="config/ldapServer" resource-ref="true" />

My question is how to create the jndi simply for a property or a string?
 