4

I have built a spring boot REST app with LDAP authentication using unboundid as embedded ldap server. Authentication is based on simple LDIF file, and now I need the ability to add new entries to this file, so I could to authenticate with ones later. How can I save new entry directly to the LDIF?

I have tried to do that using LdapTemplate, but it works only for one session of application(as I understood, LdapTemplate adds new entry to some "internal, one-session-living" LDAP) and when application stops, LDIF file remains unchanged.

Here is my application.properties file

#LDAP config
spring.ldap.embedded.base-dn=dc=time-tracking-service,dc=com
spring.ldap.embedded.credential.username=uid=admin
spring.ldap.embedded.credential.password=pass1
spring.ldap.embedded.ldif=classpath:users.ldif
spring.ldap.embedded.validation.enabled=false
spring.ldap.embedded.port=8389
ldap.url=ldap://localhost:8389/

This is my entry class

@Entry(
    objectClasses = {"inetOrgPerson", "organizationalPerson", "person", "top"}
)
@Data
@NoArgsConstructor
@AllArgsConstructor
public final class LdapPerson{

    @Id
    private Name dn;

    @DnAttribute(value = "uid", index = 1)
    private String uid;

    @DnAttribute(value = "ou", index = 0)
    @Transient
    private String group;

    @Attribute(name = "cn")
    private String fullName;

    @Attribute(name = "sn")
    private String lastName;

    @Attribute(name = "userPassword")
    private String password;

    public LdapPerson(String uid, String fullName, String lastName, String group, String password) {
        this.dn = LdapNameBuilder.newInstance("uid=" + uid + ",ou=" + group).build();
        this.uid = uid;
        this.fullName = fullName;
        this.lastName = lastName;
        this.group = group;
        this.password = password;
    }

And my LdapConfig

@Configuration
@PropertySource("classpath:application.properties")
@EnableLdapRepositories
public class LdapConfig {

    @Autowired
    private Environment env;

    @Bean
    public LdapContextSource contextSource() {
        LdapContextSource contextSource = new LdapContextSource();
        contextSource.setUrl(env.getProperty("ldap.url"));
        contextSource.setBase(env.getRequiredProperty("spring.ldap.embedded.base-dn"));
        contextSource.setUserDn(env.getRequiredProperty("spring.ldap.embedded.credential.username"));
        contextSource.setPassword(env.getRequiredProperty("spring.ldap.embedded.credential.password"));
        contextSource.afterPropertiesSet();
        return contextSource;
    }

    @Bean
    public LdapTemplate ldapTemplate() {
        return new LdapTemplate(contextSource());
    }
}

I add entry simply using

ldapTemplate.create(ldapPerson);

I expected that using LdapTemplate I will be able to add new entry to the LDIF file, but it doesn't work, so I need help with this problem.

barbsan
  • 3,418
  • 11
  • 21
  • 28
skyhook19
  • 53
  • 2
  • 5

1 Answers1

2

as I understood, LdapTemplate adds new entry to some "internal, one-session-living" LDAP

A bit late but you are correct, Spring's embedded LDAP doesn't change the contents of LDIF files upon save (and no LDAP implementation pretty much)

ldapTemplate.create(ldapPerson); just creates a new record in the in-memory LDAP instance you initialized above. When you terminate the application, everything is lost.

If you want to persist data you have to integrate with one LDAP implementations. Moreover LdapTemplate is configurable on Spring Boot through org.springframework.boot.autoconfigure.ldap.LdapAutoConfiguration

Skod
  • 435
  • 6
  • 16