Spring Boot LDAP Authentication and Groups with JumpCloud
<?xml version="1.0" encoding="UTF-8"?> | |
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | |
<!-- Maven build for the JumpCloud LDAP authentication demo: a Spring Boot web application that uses
     Spring Security's LDAP support for login and group lookup. -->
<modelVersion>4.0.0</modelVersion> | |
<groupId>com.ashurex.gist</groupId> | |
<artifactId>jumpcloud-ldap-auth</artifactId> | |
<version>1.0.0-SNAPSHOT</version> | |
<packaging>jar</packaging> | |
<name>ldap-auth</name> | |
<description>Demo of simple JumpCloud LDAP authentication</description> | |
<!-- Dependencies below that carry no <version> take theirs from this parent.
     NOTE(review): the Spring Boot 1.5.x line is end-of-life upstream; confirm a maintained release
     before reusing this build for anything beyond a demo. -->
<parent> | |
<groupId>org.springframework.boot</groupId> | |
<artifactId>spring-boot-starter-parent</artifactId> | |
<version>1.5.4.RELEASE</version> | |
<relativePath/> | |
</parent> | |
<properties> | |
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | |
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> | |
<java.version>1.8</java.version> | |
</properties> | |
<dependencies> | |
<dependency> | |
<groupId>org.springframework.boot</groupId> | |
<artifactId>spring-boot-starter-data-ldap</artifactId> | |
</dependency> | |
<!-- The only dependency with an explicit version. An explicit version takes precedence over the
     one the parent manages, so it must be kept in step with the Spring Security modules pulled in
     by spring-boot-starter-security.
     NOTE(review): if the parent already manages this artifact, dropping <version> avoids drift. -->
<dependency> | |
<groupId>org.springframework.security</groupId> | |
<artifactId>spring-security-ldap</artifactId> | |
<version>4.2.3.RELEASE</version> | |
</dependency> | |
<dependency> | |
<groupId>org.springframework.boot</groupId> | |
<artifactId>spring-boot-starter-security</artifactId> | |
</dependency> | |
<dependency> | |
<groupId>org.springframework.boot</groupId> | |
<artifactId>spring-boot-starter-web</artifactId> | |
</dependency> | |
<!-- The two dependencies below are test-scoped: available to tests only. -->
<dependency> | |
<groupId>org.springframework.boot</groupId> | |
<artifactId>spring-boot-starter-test</artifactId> | |
<scope>test</scope> | |
</dependency> | |
<dependency> | |
<groupId>org.springframework.security</groupId> | |
<artifactId>spring-security-test</artifactId> | |
<scope>test</scope> | |
</dependency> | |
</dependencies> | |
<build> | |
<plugins> | |
<!-- Plugin version is inherited from the Spring Boot parent. -->
<plugin> | |
<groupId>org.springframework.boot</groupId> | |
<artifactId>spring-boot-maven-plugin</artifactId> | |
</plugin> | |
</plugins> | |
</build> | |
</project> |
/**
 * Spring Security configuration that authenticates form logins against JumpCloud's hosted LDAP
 * directory and takes each user's authorities from the LDAP groups that list them as a member.
 *
 * <p>Every {@code **YOUR ...**} string is a placeholder to be replaced with values from your own
 * JumpCloud organisation. The bind password is a string literal here only because this is a demo;
 * in a real deployment, supply the bind DN and password from externalized configuration (environment
 * or a secrets store) so that the credential is never committed with the source.
 */
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // Looks the user up by LDAP username. To authenticate by email address instead, use:
    //   "(&(objectClass=inetOrgPerson)(mail={0}))"
    private static final String USER_SEARCH_FILTER = "(&(objectClass=inetOrgPerson)(uid={0}))";

    // Matches every groupOfNames entry that contains this member.
    private static final String GROUP_SEARCH_FILTER = "(&(objectClass=groupOfNames)(member={0}))";

    /**
     * Builds the LDAP connection settings shared by authentication and by {@link #ldapTemplate()}.
     *
     * @return a context source pointing at JumpCloud's LDAPS endpoint, bound as the service user
     */
    @Bean
    public LdapContextSource contextSource() {
        LdapContextSource source = new LdapContextSource();

        // Base DN for user and group queries; the search filters are evaluated beneath it.
        source.setBase("ou=Users,o=**YOUR JumpCloud ORG ID**,dc=jumpcloud,dc=com");

        // ldaps:// on port 636, so the bind and the searches go over TLS.
        // NOTE(review): certificate validation relies on the JVM's trust settings; confirm they
        // are left at their defaults in your deployment.
        source.setUrl("ldaps://ldap.jumpcloud.com:636");

        // Credentials of the LDAP binding user configured in JumpCloud. This account only needs to
        // search the directory; keep its real password out of version control.
        source.setUserDn("uid=**YOUR LDAP BINDING USER**,ou=Users,o=**YOUR JumpCloud ORG ID**,dc=jumpcloud,dc=com");
        source.setPassword("**YOUR LDAP BINDING USER PASSWORD**");

        return source;
    }

    /**
     * Exposes an {@link LdapTemplate} that uses the same connection settings as authentication.
     *
     * @return a template backed by {@link #contextSource()}
     */
    @Bean
    LdapTemplate ldapTemplate() {
        return new LdapTemplate(contextSource());
    }

    /**
     * Registers LDAP as the authentication source.
     *
     * <p>Authorities come from the {@code cn} attribute of each matching group, so access
     * decisions follow directory group membership; restrict who can create or rename groups
     * accordingly.
     *
     * @param auth builder for the application's authentication manager
     * @throws Exception if the LDAP authentication configuration cannot be applied
     */
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.ldapAuthentication()
            .contextSource(contextSource())
            .userSearchFilter(USER_SEARCH_FILTER)
            .groupRoleAttribute("cn")
            .groupSearchFilter(GROUP_SEARCH_FILTER);
    }

    /**
     * Requires a full authentication for every request and enables form login.
     *
     * <p>This is the place to add your own HTTP security requirements.
     *
     * @param http the HTTP security builder to configure
     * @throws Exception if the HTTP security configuration cannot be applied
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
            .formLogin();
    }
}
Thanks this gist helped me setup jump cloud for a demo app that showcases ldap auth using spring security