|
21 | 21 | import org.springframework.beans.factory.annotation.Autowired; |
22 | 22 | import org.springframework.beans.factory.annotation.Value; |
23 | 23 | import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; |
| 24 | +import org.springframework.context.annotation.Bean; |
24 | 25 | import org.springframework.context.annotation.Configuration; |
25 | 26 | import org.springframework.context.annotation.Profile; |
26 | 27 | import org.springframework.ldap.core.support.BaseLdapPathContextSource; |
|
29 | 30 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
30 | 31 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; |
31 | 32 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; |
| 33 | +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; |
| 34 | +import org.springframework.security.crypto.password.PasswordEncoder; |
| 35 | +import org.springframework.security.ldap.authentication.BindAuthenticator; |
| 36 | +import org.springframework.security.ldap.authentication.LdapAuthenticationProvider; |
| 37 | +import org.springframework.security.ldap.authentication.LdapAuthenticator; |
| 38 | +import org.springframework.security.ldap.search.FilterBasedLdapUserSearch; |
| 39 | +import org.springframework.ldap.pool.validation.DefaultDirContextValidator; |
| 40 | +import org.springframework.ldap.pool.factory.PoolingContextSource; |
| 41 | +import org.springframework.ldap.core.ContextSource; |
| 42 | +import org.springframework.ldap.core.support.BaseLdapPathContextSource; |
32 | 43 |
|
33 | 44 | /** |
34 | 45 | * This class is used to enable the ldap authentication based on property |
@@ -74,20 +85,33 @@ public Integer getTimeOut() { |
74 | 85 | @Autowired |
75 | 86 | private CustomAuthenticationEntryPoint customAuthenticationEntryPoint; |
76 | 87 |
|
77 | | - @Autowired |
78 | | - protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { |
| 88 | + @Override |
| 89 | + public void configure(AuthenticationManagerBuilder auth) throws Exception { |
79 | 90 | final String jasyptKey = RabbitMqPropertiesConfig.readJasyptKeyFile(jasyptKeyFilePath); |
80 | 91 | if (managerPassword.startsWith("{ENC(") && managerPassword.endsWith("}")) { |
81 | 92 | managerPassword = DecryptionUtils.decryptString( |
82 | 93 | managerPassword.substring(1, managerPassword.length() - 1), jasyptKey); |
83 | 94 | } |
84 | 95 | LOGGER.debug("LDAP server url: " + ldapUrl); |
85 | | - auth.ldapAuthentication() |
86 | | - .userSearchFilter(userSearchFilter) |
87 | | - .contextSource(ldapContextSource()); |
| 96 | + |
| 97 | + // Initialize and configure the LdapContextSource |
| 98 | + LdapContextSource contextSource = ldapContextSource(); |
| 99 | + |
| 100 | + // Configure BindAuthenticator with the context source and user search filter |
| 101 | + BindAuthenticator bindAuthenticator = new BindAuthenticator(contextSource); |
| 102 | + bindAuthenticator.setUserSearch(new FilterBasedLdapUserSearch( |
| 103 | + "", // Empty base indicates search starts at root DN provided in contextSource |
| 104 | + userSearchFilter, |
| 105 | + contextSource)); |
| 106 | + |
| 107 | + // Setup LdapAuthenticationProvider |
| 108 | + LdapAuthenticationProvider ldapAuthProvider = new LdapAuthenticationProvider(bindAuthenticator); |
| 109 | + |
| 110 | + // Configure the authentication provider |
| 111 | + auth.authenticationProvider(ldapAuthProvider); |
88 | 112 | } |
89 | 113 |
|
90 | | - public BaseLdapPathContextSource ldapContextSource() { |
| 114 | + public LdapContextSource ldapContextSource() { |
91 | 115 | LdapContextSource ldap = new LdapContextSource(); |
92 | 116 | ldap.setUrl(ldapUrl); |
93 | 117 | ldap.setBase(rootDn); |
|
0 commit comments