adding remember-me service to the mix.

git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@6761 71c3de6d-444a-0410-be80-ed276b4c234a Originally-Committed-As: 846889ad1acdc3644459c3643ce22371603dde38
2025-09-07 05:14:24 +02:00 · 2008-01-19 17:42:15 +00:00 · 2008-01-19 17:42:15 +00:00 · 376aae67f9
commit 376aae67f9
parent a05fa4f947
2 changed files with 13 additions and 2 deletions
--- a/core/src/main/java/hudson/security/LDAPSecurityRealm.java
+++ b/core/src/main/java/hudson/security/LDAPSecurityRealm.java
@ -9,11 +9,13 @@ import hudson.util.FormFieldValidator;
 import hudson.util.spring.BeanBuilder;
 import net.sf.json.JSONObject;
 import org.acegisecurity.AuthenticationManager;
+import org.acegisecurity.userdetails.UserDetailsService;
 import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
+import org.springframework.web.context.WebApplicationContext;

 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
@ -119,13 +121,16 @@ public class LDAPSecurityRealm extends SecurityRealm {
        return "ldap://"+server+'/'+rootDN;
    }

-    public AuthenticationManager createAuthenticationManager() {
+    public SecurityComponents createSecurityComponents() {
        Binding binding = new Binding();
        binding.setVariable("instance", this);

        BeanBuilder builder = new BeanBuilder();
        builder.parse(Hudson.getInstance().servletContext.getResourceAsStream("/WEB-INF/security/LDAPBindSecurityRealm.groovy"),binding);
-        return findBean(AuthenticationManager.class,builder.createApplicationContext());
+        WebApplicationContext appContext = builder.createApplicationContext();
+        return new SecurityComponents(
+            findBean(AuthenticationManager.class, appContext),
+            findBean(UserDetailsService.class, appContext));
    }

    public DescriptorImpl getDescriptor() {
--- a/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
+++ b/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
@ -5,6 +5,7 @@ import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator
 import org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
 import org.acegisecurity.ldap.DefaultInitialDirContextFactory
 import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch
+import org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider

 /*
    Configure LDAP as the authentication realm.
@ -38,6 +39,11 @@ authenticationManager(ProviderManager) {
    providers = [
        // talk to LDAP
        bean(LdapAuthenticationProvider,bindAuthenticator,authoritiesPopulator),
+
+    // these providers apply everywhere
+        bean(RememberMeAuthenticationProvider) {
+            key = app.getSecretKey();
+        },
        // this doesn't mean we allow anonymous access.
        // we just authenticate anonymous users as such,
        // so that later authorization can reject them if so configured