nicolabs/ldap-plugin
1
0
Fork 0
mirror of https://github.com/nicolabs/ldap-plugin.git synced 2025-09-07 05:14:24 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
ldap-plugin/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
kohsuke 376aae67f9 adding remember-me service to the mix. 
git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@6761 71c3de6d-444a-0410-be80-ed276b4c234a

Originally-Committed-As: 846889ad1acdc3644459c3643ce22371603dde38
2008-01-19 17:42:15 +00:00

54 lines
2 KiB
Groovy
Raw Blame History

import org.acegisecurity.providers.ProviderManager
import org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider
import org.acegisecurity.providers.ldap.LdapAuthenticationProvider
import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator
import org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
import org.acegisecurity.ldap.DefaultInitialDirContextFactory
import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch
import org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider
/*
Configure LDAP as the authentication realm.
Authentication is performed by doing LDAP bind.
The 'instance' object refers to the instance of LDAPSecurityRealm
*/
initialDirContextFactory(DefaultInitialDirContextFactory, instance.getLDAPURL() ) {
// if anonymous bind is not allowed --- but what is the use of anonymous bind?
// managerDn = "..."
// managerPassword="..."
}
bindAuthenticator(BindAuthenticator,initialDirContextFactory) {
// this is when you the user name can be translated into DN.
// userDnPatterns = [
// "uid={0},ou=people"
// ]
// this is when we need to find it.
userSearch = bean(FilterBasedLdapUserSearch, instance.userSearchBase, instance.userSearch, initialDirContextFactory) {
searchSubtree=true
}
}
authoritiesPopulator(DefaultLdapAuthoritiesPopulator,initialDirContextFactory,"ou=groups") {
// groupRoleAttribute = "ou";
}
authenticationManager(ProviderManager) {
providers = [
// talk to LDAP
bean(LdapAuthenticationProvider,bindAuthenticator,authoritiesPopulator),
// these providers apply everywhere
bean(RememberMeAuthenticationProvider) {
key = app.getSecretKey();
},
// this doesn't mean we allow anonymous access.
// we just authenticate anonymous users as such,
// so that later authorization can reject them if so configured
bean(AnonymousAuthenticationProvider) {
key = "anonymous"
}
]
}
Reference in a new issue View git blame Copy permalink