I'm creating an application with Spring Security 3 using the LDAP protocol and JSF 2. The problem is that I always get an authentication failure! I have a working Java class which tests the existence of a user in the LDAP base:
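
    import java.io.UnsupportedEncodingException;
    import java.util.Hashtable;

    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.ldap.LdapContext;
    import javax.naming.ldap.Rdn;

    public class Ldap {
        public static boolean test(String login, String pass) throws UnsupportedEncodingException {
            boolean exist = false;
            // An empty password turns a simple bind into an anonymous bind, so reject it up front
            if (login == null || pass == null || pass.length() == 0) {
                return false;
            }
            Hashtable<String, String> env = new Hashtable<String, String>();
            // Escape the login so DN metacharacters in it cannot alter the bind DN
            String Name = "CN=" + Rdn.escapeValue(login) + ",CN=USERS,DC=ABC,DC=COM";
            String Password = pass;
            String ldapURL = "ldap://192.168.6.42:389";
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            // Set security credentials, note using simple cleartext authentication
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, Name);
            env.put(Context.SECURITY_CREDENTIALS, Password);
            // Connect to my domain controller
            env.put(Context.PROVIDER_URL, ldapURL);
            LdapContext ctx = null;
            try {
                // Create the initial directory context (this performs the bind as the user)
                ctx = new InitialLdapContext(env, null);
                // Create the search controls
                SearchControls searchCtls = new SearchControls();
                // Specify the search scope
                searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                // Specify the LDAP search filter; {0} is filled from the argument
                // array below and escaped by JNDI instead of being concatenated
                String searchFilter = "(&(objectClass=user)(CN={0}))";
                // Specify the base for the search
                String searchBase = "CN=Users,DC=ABC,DC=COM";
                // Specify the attributes to return
                String returnedAtts[] = {"memberOf"};
                searchCtls.setReturningAttributes(returnedAtts);
                // Search for objects using the filter
                NamingEnumeration<SearchResult> answer =
                        ctx.search(searchBase, searchFilter, new Object[] { login }, searchCtls);
                // Loop through the search results
                while (answer.hasMoreElements()) {
                    SearchResult sr = answer.next();
                    // A matching entry was returned, so the user exists
                    Attributes attrs = sr.getAttributes();
                    if (attrs != null) {
                        exist = true;
                    }
                }
            } catch (NamingException e) {
                // Bind or search failed (bad credentials, server unreachable): exist stays false
            } finally {
                // Close the context on every path, not only after a successful search
                if (ctx != null) {
                    try {
                        ctx.close();
                    } catch (NamingException e) {
                        // Nothing more to do if closing fails
                    }
                }
            }
            return exist;
        }
    }
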
But my Spring Security configuration doesn't work:

    <http use-expressions="true">
        <intercept-url pattern="/pages/ADM/**" access="hasRole('ROLE_ADM')" />
        <intercept-url pattern="/pages/Employe/**" access="hasRole('ROLE_EMP')" />
        <!-- Custom login page -->
        <form-login login-page="/login.jsf"
                    authentication-success-handler-ref="loginSuccessHandler"
                    authentication-failure-handler-ref="loginFailureHandler" />
        <!-- Custom logout page -->
        <logout />
    </http>

    <beans:bean id="loginSuccessHandler" class="exp.customloginpage.AuthSuccessHandler" />
    <beans:bean id="loginFailureHandler" class="exp.customloginpage.AuthFailureHandler" />

    <!-- Use authentication provider. -->
    <beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg index="0" value="ldap://192.168.6.42:389/cn=Users,dc=ABC,dc=COM" />
    </beans:bean>

    <beans:bean id="ldapUserSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <beans:constructor-arg index="0" value="" />
        <beans:constructor-arg index="1" value="(uid={0})" />
        <beans:constructor-arg index="2" ref="contextSource" />
        <beans:property name="searchSubtree" value="true" /> <!-- Search in the sub-branches -->
    </beans:bean>

    <beans:bean id="userDetailsAuthoritiesPopulator" class="exp.customloginpage.UserDetailsAuthoritiesPopulator" />

    <beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
        <beans:constructor-arg index="0">
            <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
                <beans:constructor-arg index="0" ref="contextSource" />
                <beans:property name="userSearch" ref="ldapUserSearch" />
            </beans:bean>
        </beans:constructor-arg>
        <beans:constructor-arg index="1">
            <beans:bean class="exp.customloginpage.UserDetailsAuthoritiesPopulator" />
        </beans:constructor-arg>
    </beans:bean>

    <authentication-manager>
        <authentication-provider ref="ldapAuthProvider" />
    </authentication-manager>
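
The working Ldap class binds directly as CN=<login> under CN=Users, while the configuration above first searches for (uid={0}) through a context source that has no bind credentials of its own. As an added example (not part of the original post), here is the same ldapAuthProvider with the BindAuthenticator given a DN pattern that mirrors that bind; it reuses the post's bean ids and classes and assumes every account sits directly under the contextSource base with its cn equal to the login name.

```xml
<!-- Added example, not from the original post. Bean ids, class names and the
     contextSource base (cn=Users,dc=ABC,dc=COM) are reused from the post. -->
<beans:bean id="ldapAuthProvider"
            class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
    <beans:constructor-arg index="0">
        <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
            <beans:constructor-arg index="0" ref="contextSource" />
            <!-- Before (from the post): property userSearch, ref ldapUserSearch.
                 That looks the user up with the filter (uid={0}) before any bind
                 as the user takes place. -->
            <!-- After: build the DN from the login and bind with the submitted
                 password, as Ldap.test() does. The pattern is relative to the
                 contextSource base, so it resolves to
                 cn=<login>,cn=Users,dc=ABC,dc=COM. -->
            <beans:property name="userDnPatterns">
                <beans:list>
                    <beans:value>cn={0}</beans:value>
                </beans:list>
            </beans:property>
        </beans:bean>
    </beans:constructor-arg>
    <beans:constructor-arg index="1">
        <!-- Unchanged: the post's own authorities populator -->
        <beans:bean class="exp.customloginpage.UserDetailsAuthoritiesPopulator" />
    </beans:constructor-arg>
</beans:bean>
```

With a DN pattern the ldapUserSearch bean is no longer referenced by the authenticator, so the (uid={0}) filter plays no part in the login.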