
Using Spring Security LDAP and it's authenticating fine, but now I need to load the userLevel attribute from the LDAP entry to determine what level a user is.

My Spring Security configuration looks like this:

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.env.Environment;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Profile(value = {"sit", "uat", "prod"})
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // Injected but not used anywhere in this configuration yet.
    @Autowired
    protected Environment environment;

    public SecurityConfig() {
        super();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Bind authentication: the user's DN is built from the pattern and the
        // submitted password is checked by binding as that DN over LDAPS.
        auth.ldapAuthentication()
                .userSearchBase("dc=fantasycompany,dc=com")
                .userDnPatterns("cn={0},ou=users,ou=somedepartment,o=departments,c=US,dc=fantasycompany,dc=com")
                .contextSource()
                    .url("ldaps://someserver:636")
                    // Manager credentials are hard-coded here; in a real deployment
                    // they belong in externalised configuration, not in source.
                    .managerDn("cn=someone,cn=users,dc=fantasycompany,dc=com")
                    .managerPassword("somethingsomething");
    }

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        /**httpSecurity.authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
                .formLogin()
                    .loginPage("/login")
                    .loginProcessingUrl("/perform_login")
                    .defaultSuccessUrl("/",true)
                    .failureUrl("/login.html?error=true");*/

        httpSecurity
                // CSRF protection is switched off for every endpoint, including
                // the login form and /logout.
                .csrf().disable()
                .authorizeRequests()
                .antMatchers("/login*").permitAll()
                .antMatchers("/css/*").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/login")
                .defaultSuccessUrl("/",true)
                .failureUrl("/login?error=true")
                .and()
                .logout()
                .logoutUrl("/logout")
                .deleteCookies("JSESSIONID");
    }
}

How am I able to get Spring to load the userLevel property from the LDAP entry into the ROLES?


1 Answer


You need a custom LdapAuthoritiesPopulator which reads an attribute (e.g. 'memberOf' when AD is used or 'isMemberOf' when using OpenDJ) to extract the 'roles'.

The ActiveDirectoryLdapAuthenticationProvider does this without using an LdapAuthoritiesPopulator.
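A worked example of the custom LdapAuthoritiesPopulator the answer describes, added here and not part of the original question or answer. It reads the userLevel attribute named in the question and turns it into Spring Security roles through an allow-list. The attribute values "1", "2" and "3" and the role names they map to are placeholders chosen for the example (the question does not say what userLevel contains); the class name UserLevelAuthoritiesPopulator is likewise hypothetical.

```java
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;

import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

/**
 * Example populator (not from the original post) that derives roles from the
 * user's "userLevel" LDAP attribute. Spring Security calls it after the bind
 * has succeeded, passing the user's directory entry.
 */
public class UserLevelAuthoritiesPopulator implements LdapAuthoritiesPopulator {

    private static final String LEVEL_ATTRIBUTE = "userLevel";

    // Allow-list mapping from attribute value to role. Assumed values; adjust
    // to whatever userLevel really holds. Anything not listed is ignored, so an
    // unexpected or malformed directory value can never mint an arbitrary role.
    private static final Map<String, String> LEVEL_TO_ROLE = Map.of(
            "1", "ROLE_USER",
            "2", "ROLE_POWER_USER",
            "3", "ROLE_ADMIN");

    @Override
    public Collection<? extends GrantedAuthority> getGrantedAuthorities(
            DirContextOperations userData, String username) {
        List<GrantedAuthority> authorities = new ArrayList<>();

        // Handles a multi-valued attribute; returns null when the attribute is absent.
        String[] levels = userData.getStringAttributes(LEVEL_ATTRIBUTE);
        if (levels == null) {
            // Least privilege: an authenticated user with no userLevel gets no
            // roles and will fail every hasRole(...) check rather than a default.
            return authorities;
        }

        for (String level : levels) {
            String role = LEVEL_TO_ROLE.get(level.trim());
            if (role != null) {
                authorities.add(new SimpleGrantedAuthority(role));
            }
        }
        return authorities;
    }
}
```

Wire it in with `.ldapAuthoritiesPopulator(new UserLevelAuthoritiesPopulator())` on the `auth.ldapAuthentication()` chain in `configure(AuthenticationManagerBuilder)`, before `.contextSource()`. Because the roles carry the `ROLE_` prefix, `.hasRole("ADMIN")` in the HttpSecurity rules matches `ROLE_ADMIN`. One caveat for the bind-authentication setup in the question: the user's entry is read back with the user's own bind after it succeeds, so the account must have read access to its own userLevel attribute; if the directory hides it from the user, the attribute will arrive as null and the user ends up with no roles.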