I just managed to get my OpenLDAP + Spring Security to work. Everything works fine except for one small issue: in the Spring Security XML, I have to put a plain-text password there:
    <beans:bean id="ldapContextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg value="ldap://153.65.x.y:389/dc=example,dc=com" />
        <beans:property name="userDn" value="cn=Manager,dc=example,dc=com" />
        <beans:property name="password" value="secret" />
    </beans:bean>
Is there any way to avoid this?
When I set up my OpenLDAP, I could actually add a digest instead of a plain-text password in slapd.conf:
    rootpw {SSHA}ZMFfVNPAazmLcif1xC2l9y9SFdKd+x4
So I'm hoping that Spring Security can do a similar thing.
EDIT:
I just realized that it's unnecessary to put the LDAP manager name and password here; just providing the URI is good enough for Spring Security to work:
    <beans:bean id="ldapContextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg value="ldap://153.65.x.y:389/dc=example,dc=com" />
    </beans:bean>
I had some misunderstanding here. When I tried to write this sample, quite a few samples I got from Google put the manager name and password in the Spring Security XML. So I once thought that this was like connecting to a database via JDBC and we had to provide the database user name and password. This is not true; the manager name and password are not required.