0

We use Spring boot with Spring security in our Application. Using Spring db authentication for web authentication and planning to use ldap for JMS authentication.

@Configuration
@EnableWebMvcSecurity
@ComponentScan
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    @SuppressWarnings("PMD")
    protected void configure(HttpSecurity http) throws Exception {

        // @formatter:off
        http.authorizeRequests()
            .antMatchers("/login", "/logoffUser", "/sessionExpired", "/error", "/unauth").permitAll()
            .anyRequest().authenticated().and().rememberMe().and().httpBasic()
            .authenticationEntryPoint(entryPointObj).and()
            .addFilterAfter(filterObj, PreAuthenticatedProcessingFilter.class).csrf()
            .disable().logout().deleteCookies("JSESSIONID").logoutSuccessUrl("/logoff").invalidateHttpSession(true);

    }
}

The web authentication works without any issues.

For LDAP Authentication, we use the below code.

@Configuration
public class LdapAuthenticationConfig extends
        GlobalAuthenticationConfigurerAdapter {

    /** The environment. */
    private Environment environment;

    @Override
    public void init(AuthenticationManagerBuilder auth) throws Exception {
        auth.ldapAuthentication()
                .userSearchFilter(
                        "(&(sAMAccountName={0})(objectclass=organizationalPerson))")
                .userSearchBase("OU=${ldap.user-search-base.name}")
                .groupSearchFilter("(member={0})")
                .groupSearchBase("OU=Global-Groups")
                .groupRoleAttribute("un")
                .contextSource()
                .url(environment.getProperty("ldap.url"))
                .managerDn(environment.getProperty("ldap.conn.user"))
                .managerPassword(environment.getProperty("ldap.conn.pwd"));

        // authenticationManager = auth.getObject();

    }

    @Autowired
    public void setEnvironment(Environment environment) {

        this.environment = environment;
    }
}

I am not sure how to expose the AuthnticationManager for the ldap so that it can be injected in some other class as below.

Public class JmsConfig {

  @Autowired
    @Qualifier("ldapAuthManager")
    private AuthenticationManager authenticationManager;
}
user1578872
  • 7,808
  • 29
  • 108
  • 206

2 Answers2

0

Not sure if this is a lot of help but you could declare an

 @Autowired List<AuthenticationManager> managers;

and try to pick out the manager that you want.

zmitrok
  • 268
  • 1
  • 3
  • This returns only the AuthenticationManager configured in the WebSecurityConfig class and it doesnt have the LDapAuthenticationManager. – user1578872 Aug 19 '15 at 00:45
0

To get the AuthenticationManager you can explicitly expose it via the authenticationManagerBean method of the class WebSecurityConfigurerAdapter.

Example:

 @Bean(name name="myAuthenticationManager")
 @Override
 public AuthenticationManager authenticationManagerBean() throws Exception {
     return super.authenticationManagerBean();
 }

See also this post here: How To Inject AuthenticationManager using Java Configuration in a Custom Filter

Community
  • 1
  • 1
olibur
  • 337
  • 5
  • 13