Configure ldap for authorizing users

1
votes

In my current project I need to authenticate and authorize users via Spring security.

Our directory is LDAP.

I have basic ldap knowledge.

I am trying to understand how in the ldap side I suppose to manage and create users in order to provide them roles and permissions to be used in my Spring security app.

Any ref/tutorials/small explanation would be greatly welcome.

thanks, ray.

1
javaspringspring-securityldapopenldap
isn't the Spring documentation on this subject enough docs.spring.io/spring-security/site/docs/3.0.x/reference/…? It seems pretty detailed. - Mateusz Dymczyk
Only for the spring side. I need to configure the LDAP side with the right attributes. - rayman
ah I see! so you want to know how the server structure should look like? something like this: krams915.blogspot.jp/2011/01/…? It's a bit dated but looks ok! - Mateusz Dymczyk
Yes.. But how you are going to set permissions? for example ROLE_ADMIN user with name "johns" able to access(has permission) to specific resource of a page - rayman
hm well you don't add that to the LDAP server, if I understood the question correctly. In the LDAP you just persist user's data, which might include his role. The settings that describe which role can access a given resource (i.e. page) are kept in spring config files. - Mateusz Dymczyk

1 Answers

-1
votes

You can check this out StackOverFlow thread where is explained that:

The roles in the beans.xml must be an exact match of the CN (common name) of the memberOf value attribute. With one good example.

Also this two examples MVC + LDAP about the structure of beans.xml in relation with LDAP config. This links is based on MVC + InMemory Authentication where is described the way to code a custom simple login for Spring. This way you can adapt the code in MVC + LDAP example.

Hope this help.