Loading groups from LDAP using Spring Security -
i need give access users belonging grouping (abcd) in ldap. able authenticate spring ldap security, reason grouping membership not loaded. "403 access denied" error when seek login. verified groups user not populated authorities.
securitycontextholder.getcontext().getauthentication().getauthorities();
is there way can load groups of user authorities? here spring security configuration.
<security:http auto-config="true" use-expressions="true"> <security:intercept-url pattern="/js/**" access="true" /> <security:intercept-url pattern="/css/**" access="true" /> <security:intercept-url pattern="/images/**" access="true" /> <security:intercept-url pattern="/**" access="hasrole('abcd')" /> </security:http> <security:ldap-server id="ldapserver" url="${ldap.url}" /> <security:authentication-manager alias="authenticationmanager"> <security:ldap-authentication-provider server-ref="ldapserver" user-dn-pattern="uid={0},ou=people,o=xxxx.com" group-search-base="ou=groups,o=xxxx.com" /> </security:authentication-manager>
should this:
<security:ldap-server id="ldapserver" url="${ldap.url}/o=xxxx.com" /> <security:authentication-manager alias="authenticationmanager"> group-search-filter="member={0}" group-search-base="ou=groups" user-search-base="ou=people" user-search-filter="uid={0}" </security:authentication-manager> the main issue around group-search-filter, should contains attribute (with placeholder) user, refers groups, current user member.
see spring security sample.
spring ldap groups
No comments:
Post a Comment