Examples of org.springframework.security.ldap.DefaultSpringSecurityContextSource

• org.springframework.security.ldap.DefaultSpringSecurityContextSource
  ContextSource implementation which uses Spring LDAP's LdapContextSource as a base class. Used internally by the Spring Security LDAP namespace configuration.

  From Spring Security 3.0, Spring LDAP 1.3 is used and the ContextSource interface provides support for binding with a username and password. As a result, Spring LDAP ContextSource implementations such as LdapContextSource may be used directly with Spring Security.

  Spring LDAP 1.3 doesn't have JVM-level LDAP connection pooling enabled by default. This class sets the pooled property to true, but customizes the {@link DirContextAuthenticationStrategy} used to disablepooling when the DN doesn't match the userDn property. This prevents pooling for calls to {@link #getContext(String,String)} to authenticate as specific users. @author Luke Taylor @since 2.0

        public LdapAuthenticationProviderConfigurer<B> and() {
            return LdapAuthenticationProviderConfigurer.this;
        }

        private DefaultSpringSecurityContextSource build() throws Exception {
            DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(getProviderUrl());
            if(managerDn != null) {
                contextSource.setUserDn(managerDn);
                if(managerPassword == null) {
                    throw new IllegalStateException("managerPassword is required if managerDn is supplied");
                }
                contextSource.setPassword(managerPassword);
            }
            contextSource = postProcess(contextSource);
            if(url != null) {
                return contextSource;
            }

    @Test
    public void embeddedServerCreationContainsExpectedContextSourceAndData() {
        appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif'/>");

        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);

        // Check data is loaded
        LdapTemplate template = new LdapTemplate(contextSource);
        template.lookup("uid=ben,ou=people");
    }

                "<ldap-server ldif='classpath:test-server.ldif' id='blah' url='ldap://127.0.0.1:" + port + "/dc=springframework,dc=org' />");

        // Check the default context source is still there.
        appCtx.getBean(BeanIds.CONTEXT_SOURCE);

        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean("blah");

        // Check data is loaded as before
        LdapTemplate template = new LdapTemplate(contextSource);
        template.lookup("uid=ben,ou=people");
    }

    @Test
    public void loadingSpecificLdifFileIsSuccessful() {
        appCtx = new InMemoryXmlApplicationContext(
                "<ldap-server ldif='classpath*:test-server2.xldif' root='dc=monkeymachine,dc=co,dc=uk' />");
        DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean(BeanIds.CONTEXT_SOURCE);

        LdapTemplate template = new LdapTemplate(contextSource);
        template.lookup("uid=pg,ou=gorillas");
    }

                    .anyRequest().hasRole("1");
        }

        @Bean
        public BaseLdapPathContextSource contextSource() throws Exception {
            DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource("ldap://127.0.0.1:33389/dc=springframework,dc=org");
            contextSource.setUserDn("uid=admin,ou=system");
            contextSource.setPassword("secret");
            return contextSource;
        }

   * @return corresponding LDAP authentication provider
   */
  private LdapAuthenticationProvider loadLdapAuthenticationProvider() {
    if (reloadLdapServerProperties()) {
      log.info("LDAP Properties changed - rebuilding Context");
      DefaultSpringSecurityContextSource springSecurityContextSource =
              new DefaultSpringSecurityContextSource(ldapServerProperties.get().getLdapUrls(), ldapServerProperties.get().getBaseDN());

      if (!ldapServerProperties.get().isAnonymousBind()) {
        springSecurityContextSource.setUserDn(ldapServerProperties.get().getManagerDn());
        springSecurityContextSource.setPassword(ldapServerProperties.get().getManagerPassword());
      }

      try {
        springSecurityContextSource.afterPropertiesSet();
      } catch (Exception e) {
        log.error("LDAP Context Source not loaded ", e);
        throw new UsernameNotFoundException("LDAP Context Source not loaded", e);
      }

   * @return corresponding LDAP authentication provider
   */
  private LdapAuthenticationProvider loadLdapAuthenticationProvider() {
    if (reloadLdapServerProperties()) {
      log.info("LDAP Properties changed - rebuilding Context");
      DefaultSpringSecurityContextSource springSecurityContextSource =
              new DefaultSpringSecurityContextSource(ldapServerProperties.get().getLdapUrls(), ldapServerProperties.get().getBaseDN());

      if (!ldapServerProperties.get().isAnonymousBind()) {
        springSecurityContextSource.setUserDn(ldapServerProperties.get().getManagerDn());
        springSecurityContextSource.setPassword(ldapServerProperties.get().getManagerPassword());
      }

      try {
        springSecurityContextSource.afterPropertiesSet();
      } catch (Exception e) {
        log.error("LDAP Context Source not loaded ", e);
        throw new UsernameNotFoundException("LDAP Context Source not loaded", e);
      }

        public LdapAuthenticationProviderConfigurer<B> and() {
            return LdapAuthenticationProviderConfigurer.this;
        }

        private DefaultSpringSecurityContextSource build() throws Exception {
            DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(getProviderUrl());
            if(managerDn != null) {
                contextSource.setUserDn(managerDn);
                if(managerPassword == null) {
                    throw new IllegalStateException("managerPassword is required if managerDn is supplied");
                }
                contextSource.setPassword(managerPassword);
            }
            contextSource = postProcess(contextSource);
            if(url != null) {
                return contextSource;
            }

                    .anyRequest().hasRole("1");
        }

        @Bean
        public BaseLdapPathContextSource contextSource() throws Exception {
            DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource("ldap://127.0.0.1:33389/dc=springframework,dc=org");
            contextSource.setUserDn("uid=admin,ou=system");
            contextSource.setPassword("secret");
            return contextSource;
        }

     * @param ldapConfig
     * @return
     */
    public static LdapContextSource createLdapContext(
            LDAPBaseSecurityServiceConfig ldapConfig) {
        LdapContextSource ldapContext = new DefaultSpringSecurityContextSource(
                ldapConfig.getServerURL());
        ldapContext.setCacheEnvironmentProperties(false);
        ldapContext
                .setAuthenticationSource(new SpringSecurityAuthenticationSource());

        if (ldapConfig.isUseTLS()) {
            // TLS does not play nicely with pooled connections
            ldapContext.setPooled(false);

            DefaultTlsDirContextAuthenticationStrategy tls = new DefaultTlsDirContextAuthenticationStrategy();
            tls.setHostnameVerifier(new HostnameVerifier() {
                @Override
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            });

            ldapContext.setAuthenticationStrategy(tls);
        }
        return ldapContext;
    }