Implemented base64 encoding and decoding functionality for ldap manager password (#12)

xdurvak · web-flow · commit e619324e5aa1 · 2017-06-09T15:25:03.000+05:30
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## 0.3.2
+- Implemented base64 encryption functionality for LDAP manager password
+
 ## 0.3.1
 - Implemented ldap authentication functionality 
 
diff --git a/build.gradle b/build.gradle
@@ -22,7 +22,7 @@ apply plugin: 'spring-boot'
 
 jar {
     baseName = 'remrem-shared'
-    version =  '0.3.1'
+    version =  '0.3.2'
 }
 ext {
     springSecurityVersion = "1.4.1.RELEASE"
@@ -47,6 +47,9 @@ repositories {
 dependencies {
     compile'com.google.code.gson:gson:2.6.2'
     compile("org.springframework.boot:spring-boot-starter-security:$springSecurityVersion")
+    compile("org.springframework.security:spring-security-ldap:4.1.3.RELEASE")
+    compile 'commons-codec:commons-codec:1.10'
+    
     compile 'javax.servlet:javax.servlet-api:3.0.1'
     testCompile 'junit:junit:4.12'
 }
diff --git a/src/main/java/com/ericsson/eiffel/remrem/config/Base64Decryption.java b/src/main/java/com/ericsson/eiffel/remrem/config/Base64Decryption.java
@@ -0,0 +1,13 @@
+package com.ericsson.eiffel.remrem.config;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.codec.binary.StringUtils;
+
+public class Base64Decryption {
+
+    // To decrypt Base64 encode ldap manager password
+    protected String decode(String password) {
+        return StringUtils.newStringUtf8(Base64.decodeBase64(password));
+    }
+
+}
diff --git a/src/main/java/com/ericsson/eiffel/remrem/config/SecurityConfig.java b/src/main/java/com/ericsson/eiffel/remrem/config/SecurityConfig.java
@@ -1,7 +1,5 @@
 package com.ericsson.eiffel.remrem.config;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Configuration;
@@ -23,19 +21,22 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     @Value("${activedirectory.ldapUrl}")
     private String ldapUrl;
 
-    @Value("${activedirectory.ldapPassword}")
-    private String ldapPassword;
+    @Value("${activedirectory.managerPassword}")
+    private String managerPassword;
 
     @Value("${activedirectory.managerDn}")
     private String managerDn;
 
     @Value("${activedirectory.userSearchFilter}")
     private String userSearchFilter;
+    
+    @Value("${activedirectory.rootDn}")
+    private String rootDn;
 
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.ldapAuthentication().userSearchFilter(userSearchFilter).contextSource().managerDn(managerDn)
-                .managerPassword(ldapPassword).url(ldapUrl);
+        auth.ldapAuthentication().userSearchFilter(userSearchFilter).contextSource().managerDn(managerDn).root(rootDn)
+                .managerPassword(new Base64Decryption().decode(managerPassword)).url(ldapUrl);
     }
 
     @Override
