everyone. I am trying to write a Spring Boot program that works with an Active Directory server (for modification, not authentication), but I can't get the program to connect to it. Whatever I do, it shows the following message:
    o.s.l.c.support.AbstractContextSource : Property 'userDn' not set - anonymous context will be used for read-write operations
This is wrong because the AD server does not accept anonymous connections.
Here is my complete build.gradle file.
    plugins {
        id 'org.springframework.boot' version '2.4.4'
        id 'io.spring.dependency-management' version '1.0.11.RELEASE'
        id 'groovy'
    }

    group = 'edu.sunyjcc.gateway'
    version = '0.0.1-SNAPSHOT'
    sourceCompatibility = '1.8'

    repositories {
        mavenCentral()
    }

    dependencies {
        implementation 'org.springframework.boot:spring-boot-starter'
        implementation 'org.codehaus.groovy:groovy'
        implementation 'org.springframework.boot:spring-boot-starter-data-ldap'
        testImplementation 'org.springframework.boot:spring-boot-starter-test'
    }

    test {
        useJUnitPlatform()
    }
I define a bean for the mydomainLdapTemplate in src\main\resources\applicationContext.xml
    <beans xmlns="http://www.springframework.org/schema/beans"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:context="http://www.springframework.org/schema/context"
           xmlns:ldap="http://www.springframework.org/schema/ldap"
           xsi:schemaLocation="http://www.springframework.org/schema/beans
               https://www.springframework.org/schema/beans/spring-beans.xsd
               http://www.springframework.org/schema/ldap
               https://www.springframework.org/schema/ldap/spring-ldap.xsd">

        <context:property-placeholder location="classpath:ldap.properties"/>

        <!-- <ldap:context-source id="mydomainContextSource" -->
        <!-- userDn="${ldap.authentication.manager.userdn}" -->
        <!-- username="${ldap.authentication.manager.username}" -->
        <!-- password="${ldap.authentication.manager.password}" -->
        <!-- url="${ldap.authentication.server.urls}" -->
        <!-- base="${ldap.authentication.basedn}" /> -->

        <bean id="mydomainContextSource" class="org.springframework.ldap.core.support.LdapContextSource">
            <property name="pooled" value="false"/>
            <property name="urls">
                <bean class="org.springframework.util.StringUtils" factory-method="commaDelimitedListToSet">
                    <constructor-arg type="java.lang.String" value="${ldap.authentication.server.urls}"/>
                </bean>
            </property>
            <property name="userDn" value="${ldap.authentication.manager.userdn}"/>
            <!-- <property name="username" value="${ldap.authentication.manager.userdn}"/> -->
            <!-- <property name="username" value="${ldap.authentication.manager.username}"/> -->
            <property name="password" value="${ldap.authentication.manager.password}"/>
            <property name="baseEnvironmentProperties">
                <map>
                    <entry key="com.sun.jndi.ldap.connect.timeout" value="${ldap.authentication.jndi.connect.timeout}" />
                    <entry key="com.sun.jndi.ldap.read.timeout" value="${ldap.authentication.jndi.read.timeout}" />
                    <entry key="java.naming.security.authentication" value="${ldap.authentication.jndi.security.level}" />
                </map>
            </property>
        </bean>

        <ldap:ldap-template id="mydomainLdapTemplate"
                            ignore-partial-result="true"
                            context-source-ref="mydomainContextSource"/>
    </beans>
I've tried switching between the userdn and username (in src\main\resources\ldap.properties), but neither works.

    ldap.authentication.manager.userdn=cn=myacct,dc=mydomain,dc=sunyjcc,dc=edu
    [email protected]
I've also tried switching between username and userDn in the bean configuration, but nothing seems to work. Can anybody tell me what I'm doing wrong?
ActiveDirectoryLdapAuthenticationProvider does not seem to be an option, because I am not trying to authenticate, but to modify user records.
Thanks!
Ed.
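
An added example, not part of the original post: the XML beans above expressed as Java configuration that aborts startup when the bind DN or password resolves to empty, rather than letting the context source proceed with an anonymous context. The class name `MydomainLdapConfig` and the exception text are hypothetical; the property keys are the ones used in the post, and the class is assumed to replace the XML definitions and to sit in a package Spring Boot scans.

```java
// Added example, not the poster's code. Class name and error text are hypothetical;
// the property keys are the ones used in ldap.properties in the post.
import java.util.HashMap;
import java.util.Map;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.util.StringUtils;

@Configuration
@PropertySource("classpath:ldap.properties")
public class MydomainLdapConfig {

    @Bean
    public LdapContextSource mydomainContextSource(
            @Value("${ldap.authentication.server.urls}") String urls,
            // Empty defaults so a missing key reaches the guard below instead of
            // failing placeholder resolution with a less specific error.
            @Value("${ldap.authentication.manager.userdn:}") String userDn,
            @Value("${ldap.authentication.manager.password:}") String password,
            @Value("${ldap.authentication.jndi.connect.timeout}") String connectTimeout,
            @Value("${ldap.authentication.jndi.read.timeout}") String readTimeout,
            @Value("${ldap.authentication.jndi.security.level}") String securityLevel) {
        // Fail at startup instead of letting the context source bind anonymously.
        if (!StringUtils.hasText(userDn) || !StringUtils.hasText(password)) {
            throw new IllegalStateException(
                "ldap.authentication.manager.userdn and .password must be set; refusing anonymous bind");
        }
        Map<String, Object> env = new HashMap<>();
        env.put("com.sun.jndi.ldap.connect.timeout", connectTimeout);
        env.put("com.sun.jndi.ldap.read.timeout", readTimeout);
        env.put("java.naming.security.authentication", securityLevel);

        LdapContextSource source = new LdapContextSource();
        source.setUrls(StringUtils.commaDelimitedListToStringArray(urls));
        source.setUserDn(userDn);
        source.setPassword(password);
        source.setPooled(false);
        source.setBaseEnvironmentProperties(env);
        return source; // Spring calls afterPropertiesSet() on the returned bean
    }

    @Bean
    public LdapTemplate mydomainLdapTemplate(LdapContextSource mydomainContextSource) {
        LdapTemplate template = new LdapTemplate(mydomainContextSource);
        template.setIgnorePartialResultException(true); // ignore-partial-result="true"
        return template;
    }
}
```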