LDAP authentication using jboss security domain

Question

In a web application running on JBOSS EAP 6 that uses spring 4.1.6, spring security 4.0.1, and JavaConfig we are trying to implement LDAP authentication but instead of defining the properties of the LDAP server (url, etc.) in the configure(AuthenticationManagerBuilder auth) method we would like to obtain the properties from a JBOSS Security Domain that is already configure on the container and has all the needed property.

We tried couple things and searched the web for approaches to accomplish this but were not able to find a solution.

This is what we currently have:

/WEB-INF/jboss-web.xml: jboss-web security-domain java:/jaas/ad-ldap security-domain jboss-web

Security configuration class:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().realmName("ad-ldap");
http.formLogin().loginPage("/login").loginProcessingUrl("/loginProcess");
}

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
    .userSearchBase("OU=users,DC=local")
    .userSearchFilter("(sAMAccountName={0})")
    .groupSearchBase("OU=groups,DC=local")
    .groupSearchFilter("sAMAccountName={0}");
}
}

Thanks

Were you actually able to make this work? If so could you please help by posting answer back. — Greg Hill, Jun 02 '17 at 14:38

score 0 · Answer 1 · answered Oct 01 '15 at 08:08

0

You only need to defined the LDAP server URL in the security domain in the standalone XML.

http://www.mastertheboss.com/jboss-server/jboss-security/configure-jboss-with-ldap?start=1 But note in the example above the Realm name element in your web.xml should be:

<realm-name>LDAPAuth</realm-name>

https://docs.jboss.org/author/display/WFLY8/Examples

answered Oct 01 '15 at 08:08

ozOli

1,414
1
18
26

Thanks for the feedback. I'm still not able to make this work. We are using Java Configuration so we don't have a web.xml file. I have a jboss-web.xml under /WEB-INF with the security domain definition: java:/jaas/ad-ldap. Spring doesn't load this and instead is loading the default LDAP server shipped with Spring. I added some additional info to the initial post. Any further help will be appreciated. – dpmesa Oct 01 '15 at 17:47
1

try with: ad-ldap – Néstor Almeida Mar 20 '18 at 10:49

LDAP authentication using jboss security domain

1 Answers1