Class KerberosLdapContextSource
java.lang.Object
org.springframework.ldap.core.support.AbstractContextSource
org.springframework.ldap.core.support.LdapContextSource
org.springframework.security.ldap.DefaultSpringSecurityContextSource
org.springframework.security.kerberos.client.ldap.KerberosLdapContextSource
- All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean,org.springframework.ldap.core.ContextSource,org.springframework.ldap.core.support.BaseLdapPathContextSource,org.springframework.ldap.core.support.BaseLdapPathSource
public class KerberosLdapContextSource
extends org.springframework.security.ldap.DefaultSpringSecurityContextSource
implements org.springframework.beans.factory.InitializingBean
Implementation of an
LdapContextSource that authenticates with the
ldap server using Kerberos.
Example usage:
<bean id="authorizationContextSource" class="org.springframework.security.kerberos.ldap.KerberosLdapContextSource">
<constructor-arg value="${authentication.ldap.ldapUrl}" />
<property name="referral" value="ignore" />
<property name="loginConfig">
<bean class="org.springframework.security.kerberos.client.config.SunJaasKrb5LoginConfig">
<property name="servicePrincipal" value="${authentication.ldap.servicePrincipal}" />
<property name="useTicketCache" value="true" />
<property name="isInitiator" value="true" />
<property name="debug" value="false" />
</bean>
</property>
</bean>
<sec:ldap-user-service id="ldapUserService" server-ref="authorizationContextSource" user-search-filter="(| (userPrincipalName={0}) (sAMAccountName={0}))"
group-search-filter="(member={0})" group-role-attribute="cn" role-prefix="none" />
- See Also:
-
Field Summary
Fields inherited from class org.springframework.security.ldap.DefaultSpringSecurityContextSource
loggerFields inherited from class org.springframework.ldap.core.support.AbstractContextSource
password, SUN_LDAP_POOLING_FLAG, userDn -
Constructor Summary
ConstructorsConstructorDescriptionInstantiates a new kerberos ldap context source.KerberosLdapContextSource(List<String> urls, String baseDn) Instantiates a new kerberos ldap context source. -
Method Summary
Modifier and TypeMethodDescriptionvoidprotected DirContextgetDirContextInstance(Hashtable environment) voidsetLoginConfig(Configuration loginConfig) The login configuration to get the serviceSubject from LoginContextMethods inherited from class org.springframework.ldap.core.support.AbstractContextSource
assembleProviderUrlString, createContext, getAnonymousEnv, getAuthenticatedEnv, getAuthenticationSource, getBaseLdapName, getBaseLdapPath, getBaseLdapPathAsString, getContext, getContextFactory, getDirObjectFactory, getPassword, getReadOnlyContext, getReadWriteContext, getUrls, getUserDn, isAnonymousReadOnly, isPooled, setAnonymousReadOnly, setAuthenticationSource, setAuthenticationStrategy, setBase, setBaseEnvironmentProperties, setCacheEnvironmentProperties, setContextFactory, setDirObjectFactory, setPassword, setPooled, setReferral, setupAuthenticatedEnvironment, setUrl, setUrls, setUserDn
-
Constructor Details
-
KerberosLdapContextSource
Instantiates a new kerberos ldap context source.- Parameters:
url- the url
-
KerberosLdapContextSource
Instantiates a new kerberos ldap context source.- Parameters:
urls- the urlsbaseDn- the base dn
-
-
Method Details
-
afterPropertiesSet
public void afterPropertiesSet()- Specified by:
afterPropertiesSetin interfaceorg.springframework.beans.factory.InitializingBean- Overrides:
afterPropertiesSetin classorg.springframework.ldap.core.support.AbstractContextSource
-
getDirContextInstance
- Overrides:
getDirContextInstancein classorg.springframework.ldap.core.support.LdapContextSource- Throws:
NamingException
-
setLoginConfig
The login configuration to get the serviceSubject from LoginContext- Parameters:
loginConfig- the login config
-