|
21 | 21 | import org.springframework.beans.factory.annotation.Autowired;
|
22 | 22 | import org.springframework.beans.factory.annotation.Value;
|
23 | 23 | import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
| 24 | +import org.springframework.context.annotation.Bean; |
24 | 25 | import org.springframework.context.annotation.Configuration;
|
25 | 26 | import org.springframework.context.annotation.Profile;
|
26 | 27 | import org.springframework.ldap.core.support.BaseLdapPathContextSource;
|
|
29 | 30 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
30 | 31 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
31 | 32 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
| 33 | +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; |
| 34 | +import org.springframework.security.crypto.password.PasswordEncoder; |
| 35 | +import org.springframework.security.ldap.authentication.BindAuthenticator; |
| 36 | +import org.springframework.security.ldap.authentication.LdapAuthenticationProvider; |
| 37 | +import org.springframework.security.ldap.authentication.LdapAuthenticator; |
| 38 | +import org.springframework.security.ldap.search.FilterBasedLdapUserSearch; |
| 39 | +import org.springframework.ldap.pool.validation.DefaultDirContextValidator; |
| 40 | +import org.springframework.ldap.pool.factory.PoolingContextSource; |
| 41 | +import org.springframework.ldap.core.ContextSource; |
| 42 | +import org.springframework.ldap.core.support.BaseLdapPathContextSource; |
| 43 | + |
32 | 44 |
|
33 | 45 | /**
|
34 | 46 | * This class is used to enable the ldap authentication based on property
|
@@ -74,20 +86,33 @@ public Integer getTimeOut() {
|
74 | 86 | @Autowired
|
75 | 87 | private CustomAuthenticationEntryPoint customAuthenticationEntryPoint;
|
76 | 88 |
|
77 |
| - @Autowired |
78 |
| - protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { |
| 89 | + @Override |
| 90 | + public void configure(AuthenticationManagerBuilder auth) throws Exception { |
79 | 91 | final String jasyptKey = RabbitMqPropertiesConfig.readJasyptKeyFile(jasyptKeyFilePath);
|
80 | 92 | if (managerPassword.startsWith("{ENC(") && managerPassword.endsWith("}")) {
|
81 | 93 | managerPassword = DecryptionUtils.decryptString(
|
82 | 94 | managerPassword.substring(1, managerPassword.length() - 1), jasyptKey);
|
83 | 95 | }
|
84 |
| - LOGGER.debug("LDAP server url: " + ldapUrl); |
85 |
| - auth.ldapAuthentication() |
86 |
| - .userSearchFilter(userSearchFilter) |
87 |
| - .contextSource(ldapContextSource()); |
| 96 | + LOGGER.debug("LDAP server url: {}", ldapUrl); |
| 97 | + |
| 98 | + // Initialize and configure the LdapContextSource |
| 99 | + LdapContextSource contextSource = ldapContextSource(); |
| 100 | + |
| 101 | + // Configure BindAuthenticator with the context source and user search filter |
| 102 | + BindAuthenticator bindAuthenticator = new BindAuthenticator(contextSource); |
| 103 | + bindAuthenticator.setUserSearch(new FilterBasedLdapUserSearch( |
| 104 | + "", // Empty base indicates search starts at root DN provided in contextSource |
| 105 | + userSearchFilter, |
| 106 | + contextSource)); |
| 107 | + |
| 108 | + // Setup LdapAuthenticationProvider |
| 109 | + LdapAuthenticationProvider ldapAuthProvider = new LdapAuthenticationProvider(bindAuthenticator); |
| 110 | + |
| 111 | + // Configure the authentication provider |
| 112 | + auth.authenticationProvider(ldapAuthProvider); |
88 | 113 | }
|
89 | 114 |
|
90 |
| - public BaseLdapPathContextSource ldapContextSource() { |
| 115 | + public LdapContextSource ldapContextSource() { |
91 | 116 | LdapContextSource ldap = new LdapContextSource();
|
92 | 117 | ldap.setUrl(ldapUrl);
|
93 | 118 | ldap.setBase(rootDn);
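Review bot: The imports added at new lines 24 and 33–42 bring in names that no added line in the visible hunks uses (`Bean`, `BCryptPasswordEncoder`, `PasswordEncoder`, `LdapAuthenticator`, `DefaultDirContextValidator`, `PoolingContextSource`, `ContextSource`), and new line 42 repeats `import org.springframework.ldap.core.support.BaseLdapPathContextSource;`, which is already present at new line 27. `configure` authenticates through `BindAuthenticator`, where the directory verifies the password as part of the bind, so the password-encoder imports suggest a second credential path that is not wired anywhere in this change; if none is intended, drop them so the file does not mislead the next reader. With `ldapContextSource()` now declared to return `LdapContextSource`, the `BaseLdapPathContextSource` import may no longer be needed at all. The file header and the rest of `ldapContextSource()` lie outside the visible part of the page, so usages elsewhere in the file cannot be ruled out.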
|
|