EIFA:369: Reduce 6 LDAP calls to 4

Piyush Sadangi (EXT) · Piyush Sadangi (EXT) · commit df5f5f4fb87c · 2024-04-12T15:44:48.000+05:30
diff --git a/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/SecurityConfig.java b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/SecurityConfig.java
@@ -21,6 +21,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
@@ -29,6 +30,12 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.ldap.authentication.BindAuthenticator;
+import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
+import org.springframework.security.ldap.authentication.LdapAuthenticator;
+import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
 
 /**
  * This class is used to enable the ldap authentication based on property
@@ -74,20 +81,34 @@ public Integer getTimeOut() {
     @Autowired
     private CustomAuthenticationEntryPoint customAuthenticationEntryPoint;
 
-    @Autowired
-    protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+    @Override
+    public void configure(AuthenticationManagerBuilder auth) throws Exception {
         final String jasyptKey = RabbitMqPropertiesConfig.readJasyptKeyFile(jasyptKeyFilePath);
         if (managerPassword.startsWith("{ENC(") && managerPassword.endsWith("}")) {
             managerPassword = DecryptionUtils.decryptString(
                     managerPassword.substring(1, managerPassword.length() - 1), jasyptKey);
         }
-        LOGGER.debug("LDAP server url: " + ldapUrl);
-        auth.ldapAuthentication()
-            .userSearchFilter(userSearchFilter)
-            .contextSource(ldapContextSource());
+        LOGGER.debug("LDAP server url: {}", ldapUrl);
+
+        // Initialize and configure the LdapContextSource
+        LdapContextSource contextSource = ldapContextSource();
+
+        // Configure BindAuthenticator with the context source and user search filter
+        BindAuthenticator bindAuthenticator = new BindAuthenticator(contextSource);
+        bindAuthenticator.setUserSearch(new FilterBasedLdapUserSearch(
+                "",  // Empty base indicates search starts at root DN provided in contextSource
+                userSearchFilter,
+                contextSource));
+
+        // Setup LdapAuthenticationProvider
+        LdapAuthenticationProvider ldapAuthProvider = new LdapAuthenticationProvider(bindAuthenticator);
+
+        // Configure the authentication provider
+        auth.authenticationProvider(ldapAuthProvider);
     }
 
-    public BaseLdapPathContextSource ldapContextSource() {
+    @Bean
+    public LdapContextSource ldapContextSource() {
         LdapContextSource ldap = new LdapContextSource();
         ldap.setUrl(ldapUrl);
         ldap.setBase(rootDn);
@@ -100,6 +121,7 @@ public BaseLdapPathContextSource ldapContextSource() {
         return ldap;
     }
 
+
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         LOGGER.debug("LDAP authentication enabled");
