Geek Answers Handbook

Grails Spring REST + LDAP Security

I am trying to configure Spring Security in Grails, authenticated with a token (through the Spring Security REST plugin) and LDAP authorization. I found several examples (now I have about 20 browser tabs open), but none of them answer the whole question. Most examples are Grails + REST Security or Grails + LDAP Security, but there are no Grails + REST + LDAP examples.

My problem is that the application is trying to search the database of users and roles when I need it to look at LDAP.

+4
source share
1 answer

, , resources.groovy userDetailsService bean LDAP. " " , LDAP LDAP. : http://swordsystems.com/2011/12/21/spring-security-cas-ldap/. .

// Place your Spring DSL code here
import grails.plugin.springsecurity.SpringSecurityUtils
beans = {
    def config = SpringSecurityUtils.securityConfig
    if (config.ldap.context.server) {
        SpringSecurityUtils.loadSecondaryConfig 'DefaultLdapSecurityConfig'
        config = SpringSecurityUtils.securityConfig

        initialDirContextFactory(org.springframework.security.ldap.DefaultSpringSecurityContextSource,
                config.ldap.context.server){
            userDn = config.ldap.context.managerDn
            password = config.ldap.context.managerPassword
        }

        ldapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch,
                config.ldap.search.base,
                config.ldap.search.filter,
                initialDirContextFactory){
        }

        ldapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator,
                initialDirContextFactory,
                config.ldap.authorities.groupSearchBase){
            groupRoleAttribute = config.ldap.authorities.groupRoleAttribute
            groupSearchFilter = config.ldap.authorities.groupSearchFilter
            searchSubtree = config.ldap.authorities.searchSubtree
            rolePrefix = "ROLE_"
            convertToUpperCase = config.ldap.mapper.convertToUpperCase
            ignorePartialResultException = config.ldap.authorities.ignorePartialResultException
        }

        userDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService,
                ldapUserSearch,
                ldapAuthoritiesPopulator){
        }
    }
}
+3

More articles:


All Articles