nicolabs/ldap-plugin
1
0
Fork 0
mirror of https://github.com/nicolabs/ldap-plugin.git synced 2025-09-07 05:14:24 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
ldap-plugin/war/resources/WEB-INF/security/LDAPBindSecurityRealm.groovy
kohsuke dc94954abb doing a bit more LDAP work. 
git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@6475 71c3de6d-444a-0410-be80-ed276b4c234a

Originally-Committed-As: ad569ef435a46570c0a15331563bc9a1721eeb19
2008-01-04 07:13:30 +00:00

41 lines
1.4 KiB
Groovy
Raw Blame History

import org.acegisecurity.providers.ProviderManager
import org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider
import org.acegisecurity.providers.ldap.LdapAuthenticationProvider
import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator
import org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
import org.acegisecurity.ldap.DefaultInitialDirContextFactory
/*
Configure LDAP as the authentication realm.
Authentication is performed by doing LDAP bind.
*/
initialDirContextFactory(DefaultInitialDirContextFactory,it.providerUrl) {
// if anonymous bind is not allowed --- but what is the use of anonymous bind?
// managerDn = "..."
// managerPassword="..."
}
bindAuthenticator(BindAuthenticator,initialDirContextFactory) {
userDnPatterns = [
"uid={0},ou=people"
]
}
authoritiesPopulator(DefaultLdapAuthoritiesPopulator,initialDirContextFactory,"ou=groups") {
// groupRoleAttribute = "ou";
}
authenticationManager(ProviderManager) {
providers = [
// talk to LDAP
bean(LdapAuthenticationProvider,bindAuthenticator,authoritiesPopulator),
// this doesn't mean we allow anonymous access.
// we just authenticate anonymous users as such,
// so that later authorization can reject them if so configured
bean(AnonymousAuthenticationProvider) {
key = "anonymous"
}
]
}
Reference in a new issue View git blame Copy permalink