Skip to content

Commit

Permalink
EIFA:369: Reduce 6 LDAP calls to 4
Browse files Browse the repository at this point in the history
  • Loading branch information
Piyush Sadangi (EXT) committed Apr 22, 2024
1 parent a36b905 commit b441b53
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 6 deletions.
5 changes: 5 additions & 0 deletions publish-common/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,11 @@
<artifactId>spring-security-ldap</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.ldap</groupId>
<artifactId>spring-ldap-core</artifactId>
<version>2.3.8.RELEASE</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
Expand All @@ -29,6 +30,16 @@
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.authentication.LdapAuthenticator;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
import org.springframework.ldap.pool.validation.DefaultDirContextValidator;
import org.springframework.ldap.pool.factory.PoolingContextSource;
import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;

/**
* This class is used to enable the ldap authentication based on property
Expand Down Expand Up @@ -74,20 +85,33 @@ public Integer getTimeOut() {
@Autowired
private CustomAuthenticationEntryPoint customAuthenticationEntryPoint;

@Autowired
protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
final String jasyptKey = RabbitMqPropertiesConfig.readJasyptKeyFile(jasyptKeyFilePath);
if (managerPassword.startsWith("{ENC(") && managerPassword.endsWith("}")) {
managerPassword = DecryptionUtils.decryptString(
managerPassword.substring(1, managerPassword.length() - 1), jasyptKey);
}
LOGGER.debug("LDAP server url: " + ldapUrl);
auth.ldapAuthentication()
.userSearchFilter(userSearchFilter)
.contextSource(ldapContextSource());

// Initialize and configure the LdapContextSource
LdapContextSource contextSource = ldapContextSource();

// Configure BindAuthenticator with the context source and user search filter
BindAuthenticator bindAuthenticator = new BindAuthenticator(contextSource);
bindAuthenticator.setUserSearch(new FilterBasedLdapUserSearch(
"", // Empty base indicates search starts at root DN provided in contextSource
userSearchFilter,
contextSource));

// Setup LdapAuthenticationProvider
LdapAuthenticationProvider ldapAuthProvider = new LdapAuthenticationProvider(bindAuthenticator);

// Configure the authentication provider
auth.authenticationProvider(ldapAuthProvider);
}

public BaseLdapPathContextSource ldapContextSource() {
public LdapContextSource ldapContextSource() {
LdapContextSource ldap = new LdapContextSource();
ldap.setUrl(ldapUrl);
ldap.setBase(rootDn);
Expand Down

0 comments on commit b441b53

Please sign in to comment.