Spring Boot Application Connect to LDAP Userstore
There are detailed instructions on connecting Java Spring Boot applications to LDAP and an example using Apache Directory Studio.
Join the DZone community and get the full member experience.
Join For FreeIn this blog post, we are going to connect a sample spring boot application with LDAP-based userstore to do the authentication.
Then create a sample spring-boot application with the following dependencies.
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.3.3.RELEASE</version>
<relativePath/>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-server-jndi</artifactId>
<version>1.5.5</version>
</dependency>
</dependencies>
Then in your sample application extend the WebSecurityConfigurerAdapter class and override the below two methods. Provide the connection details as per the LDAP server created above.
@Configuration
@EnableWebSecurity
public class LdapSecurity extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.httpBasic().and().authorizeRequests().anyRequest().authenticated().and().csrf().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder.ldapAuthentication()
.contextSource().url("ldap://localhost:10389/dc=example,dc=com")
.managerDn("uid=admin,ou=system").managerPassword("secret")
.and()
.userSearchBase("ou=users")
.userSearchFilter("(cn={0})");
}
}
That's it the spring will engage basic authenticate your requests to the webapp.
Full source to the sample can be found here.
Published at DZone with permission of Aruna Karunarathna, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
Comments