public class KerberosLdapContextSource
extends org.springframework.security.ldap.DefaultSpringSecurityContextSource
implements org.springframework.beans.factory.InitializingBean
An LdapContextSource that authenticates with the LDAP server using Kerberos.
Example usage:
```xml
<bean id="authorizationContextSource"
      class="org.springframework.security.kerberos.ldap.KerberosLdapContextSource">
  <constructor-arg value="${authentication.ldap.ldapUrl}" />
  <property name="referral" value="ignore" />
  <property name="loginConfig">
    <bean class="org.springframework.security.kerberos.client.config.SunJaasKrb5LoginConfig">
      <property name="servicePrincipal" value="${authentication.ldap.servicePrincipal}" />
      <property name="useTicketCache" value="true" />
      <property name="isInitiator" value="true" />
      <property name="debug" value="false" />
    </bean>
  </property>
</bean>

<sec:ldap-user-service id="ldapUserService"
    server-ref="authorizationContextSource"
    user-search-filter="(| (userPrincipalName={0}) (sAMAccountName={0}))"
    group-search-filter="(member={0})"
    group-role-attribute="cn"
    role-prefix="none" />
```
See also: SunJaasKrb5LoginConfig
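The same wiring as the XML example, expressed as Spring Java configuration. This is an added example, not code from the project. The class name `KerberosLdapConfig`, the empty search bases, and the `SunJaasKrb5LoginConfig` setter names (inferred from the XML property names) are assumptions; `role-prefix="none"` is mapped to an empty prefix.

```java
// Added example: Java-config counterpart of the XML bean definitions above.
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.kerberos.client.config.SunJaasKrb5LoginConfig;
import org.springframework.security.kerberos.ldap.KerberosLdapContextSource;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.LdapUserDetailsService;

@Configuration
public class KerberosLdapConfig { // hypothetical class name

    // JAAS login settings; as a bean, Spring invokes its afterPropertiesSet().
    @Bean
    public SunJaasKrb5LoginConfig loginConfig(
            @Value("${authentication.ldap.servicePrincipal}") String servicePrincipal) {
        SunJaasKrb5LoginConfig config = new SunJaasKrb5LoginConfig();
        config.setServicePrincipal(servicePrincipal);
        config.setUseTicketCache(true);
        config.setIsInitiator(true);
        config.setDebug(false);
        return config;
    }

    @Bean
    public KerberosLdapContextSource authorizationContextSource(
            @Value("${authentication.ldap.ldapUrl}") String ldapUrl,
            SunJaasKrb5LoginConfig loginConfig) {
        KerberosLdapContextSource source = new KerberosLdapContextSource(ldapUrl);
        source.setReferral("ignore");
        source.setLoginConfig(loginConfig); // required by this context source
        return source;
    }

    @Bean
    public LdapUserDetailsService ldapUserService(KerberosLdapContextSource contextSource) {
        // Empty search bases (assumption): search from the context source base.
        FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(
                "", "(| (userPrincipalName={0}) (sAMAccountName={0}))", contextSource);
        DefaultLdapAuthoritiesPopulator authorities =
                new DefaultLdapAuthoritiesPopulator(contextSource, "");
        authorities.setGroupSearchFilter("(member={0})");
        authorities.setGroupRoleAttribute("cn");
        authorities.setRolePrefix(""); // role-prefix="none" in the XML namespace
        return new LdapUserDetailsService(userSearch, authorities);
    }
}
```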
Constructor and Description |
---|
KerberosLdapContextSource(java.util.List<java.lang.String> urls, java.lang.String baseDn) Instantiates a new kerberos ldap context source. |
KerberosLdapContextSource(java.lang.String url) Instantiates a new kerberos ldap context source. |

Modifier and Type | Method and Description |
---|---|
void | afterPropertiesSet() |
protected javax.naming.directory.DirContext | getDirContextInstance(java.util.Hashtable environment) |
void | setLoginConfig(javax.security.auth.login.Configuration loginConfig) The login configuration to get the serviceSubject from LoginContext |

assembleProviderUrlString, createContext, getAnonymousEnv, getAuthenticatedEnv, getAuthenticationSource, getBase, getBaseLdapPath, getBaseLdapPathAsString, getContext, getContextFactory, getDirObjectFactory, getReadOnlyContext, getReadWriteContext, getUrls, isAnonymousReadOnly, isPooled, setAnonymousReadOnly, setAuthenticationSource, setAuthenticationStrategy, setBase, setBaseEnvironmentProperties, setCacheEnvironmentProperties, setContextFactory, setDirObjectFactory, setPassword, setPooled, setReferral, setupAuthenticatedEnvironment, setUrl, setUrls, setUserDn

public KerberosLdapContextSource(java.lang.String url)
url - the url

public KerberosLdapContextSource(java.util.List<java.lang.String> urls, java.lang.String baseDn)
urls - the urls
baseDn - the base dn

public void afterPropertiesSet()
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
afterPropertiesSet in class org.springframework.ldap.core.support.AbstractContextSource

protected javax.naming.directory.DirContext getDirContextInstance(java.util.Hashtable environment) throws javax.naming.NamingException
getDirContextInstance in class org.springframework.ldap.core.support.LdapContextSource
javax.naming.NamingException

public void setLoginConfig(javax.security.auth.login.Configuration loginConfig)
loginConfig - the login config