nicolabs/ldap-plugin
1
0
Fork 0
mirror of https://github.com/nicolabs/ldap-plugin.git synced 2025-09-07 05:14:24 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
ldap-plugin/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
kohsuke bbcdae89b4 DeferredCreationLdapAuthoritiesPopulator is no longer necessary because filters are now created after SecurityRealm is prepared. 
git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@14872 71c3de6d-444a-0410-be80-ed276b4c234a

Originally-Committed-As: 3beed588ad53269bf8f32e49ff84eed8572093f5
2009-01-29 17:29:26 +00:00

60 lines
2.2 KiB
Groovy
Raw Blame History

import org.acegisecurity.providers.ProviderManager
import org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider
import org.acegisecurity.providers.ldap.LdapAuthenticationProvider
import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator2
import org.acegisecurity.ldap.DefaultInitialDirContextFactory
import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch
import org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider
import hudson.model.Hudson
import org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
import hudson.Util
/*
Configure LDAP as the authentication realm.
Authentication is performed by doing LDAP bind.
The 'instance' object refers to the instance of LDAPSecurityRealm
*/
initialDirContextFactory(DefaultInitialDirContextFactory, instance.getLDAPURL() ) {
if(instance.managerDN!=null) {
managerDn = instance.managerDN;
managerPassword = instance.getManagerPassword();
}
}
ldapUserSearch(FilterBasedLdapUserSearch, instance.userSearchBase, instance.userSearch, initialDirContextFactory) {
searchSubtree=true
}
bindAuthenticator(BindAuthenticator2,initialDirContextFactory) {
// this is when you the user name can be translated into DN.
// userDnPatterns = [
// "uid={0},ou=people"
// ]
// this is when we need to find it.
userSearch = ldapUserSearch;
}
authoritiesPopulator(DefaultLdapAuthoritiesPopulator, initialDirContextFactory, Util.fixNull(instance.groupSearchBase)) {
// see DefaultLdapAuthoritiesPopulator for other possible configurations
searchSubtree = true;
}
authenticationManager(ProviderManager) {
providers = [
// talk to LDAP
bean(LdapAuthenticationProvider,bindAuthenticator,authoritiesPopulator),
// these providers apply everywhere
bean(RememberMeAuthenticationProvider) {
key = Hudson.getInstance().getSecretKey();
},
// this doesn't mean we allow anonymous access.
// we just authenticate anonymous users as such,
// so that later authorization can reject them if so configured
bean(AnonymousAuthenticationProvider) {
key = "anonymous"
}
]
}
Reference in a new issue View git blame Copy permalink