Difference between revisions of "Knowledge:Ldap examples"

From OpenKM Documentation
Jump to: navigation, search
(Created page with '=== open ldap === Take a look at: ldap://192.168.0.13:389/dc=macroct,dc=com which filter all ldap connection to this node. Then <beans:constructor-arg value="'''ou=roles'''"/> r…')
 
Line 1: Line 1:
 
=== open ldap ===
 
=== open ldap ===
Take a look at: ldap://192.168.0.13:389/dc=macroct,dc=com which filter all ldap connection to this node.
+
Take a look at: '''ldap://192.168.0.13:389/dc=macroct,dc=com''' which filter all ldap connection to this node.
  
 
Then <beans:constructor-arg value="'''ou=roles'''"/> really points to <beans:constructor-arg value="'''ou=roles,dc=macroct,dc=com'''"/> and <beans:constructor-arg index="0" value="'''ou=organization'''" /> to <beans:constructor-arg index="0" value="'''ou=organization,dc=macroct,dc=com'''" />
 
Then <beans:constructor-arg value="'''ou=roles'''"/> really points to <beans:constructor-arg value="'''ou=roles,dc=macroct,dc=com'''"/> and <beans:constructor-arg index="0" value="'''ou=organization'''" /> to <beans:constructor-arg index="0" value="'''ou=organization,dc=macroct,dc=com'''" />

Revision as of 18:47, 10 October 2012

open ldap

Take a look at: ldap://192.168.0.13:389/dc=macroct,dc=com which filter all ldap connection to this node.

Then <beans:constructor-arg value="ou=roles"/> really points to <beans:constructor-arg value="ou=roles,dc=macroct,dc=com"/> and <beans:constructor-arg index="0" value="ou=organization" /> to <beans:constructor-arg index="0" value="ou=organization,dc=macroct,dc=com" />

Finally take in consideration the value 1 at <beans:property name="groupSearchFilter" value="memberUid={1}"/>

<beans:constructor-arg value="ou=roles"/>
<beans:constructor-arg index="0" value="ou=organization" /> and

The configuration

<security:authentication-manager alias="authenticationManager">
  	<security:authentication-provider ref="ldapAuthProvider" />
  </security:authentication-manager>
  
  <beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  	<beans:constructor-arg value="ldap://192.168.0.13:389/dc=macroct,dc=com"/>
		<beans:property name="userDn" value="cn=Manager,dc=macroct,dc=com"/>
  	<beans:property name="password" value="*****"/>
  </beans:bean>

	<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
		<beans:constructor-arg>
			<beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
				<beans:constructor-arg ref="contextSource"/>
				<beans:property name="userSearch" ref="userSearch"></beans:property>
			</beans:bean>
		</beans:constructor-arg>
		<beans:constructor-arg>
			<beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
				<beans:constructor-arg ref="contextSource"/>
				<beans:constructor-arg value="ou=roles"/>
				<beans:property name="groupSearchFilter" value="memberUid={1}"/>
				<beans:property name="groupRoleAttribute" value="cn"/>
        <beans:property name="searchSubtree" value="true" />
        <beans:property name="convertToUpperCase" value="true" />
        
        <beans:property name="rolePrefix" value="" /> 
        
			</beans:bean>
		</beans:constructor-arg>
  </beans:bean>
  
   <beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
    <beans:constructor-arg index="0" value="ou=organization" />
    <beans:constructor-arg index="1" value="uid={0}" />
    <beans:constructor-arg index="2" ref="contextSource" />
    <beans:property name="searchSubtree" value="true" />
  </beans:bean>