Přihlašování proti LDAP serveru- integrace s Active Directory
This commit is contained in:
@@ -0,0 +1,2 @@
|
||||
ldap.server=ldap://localhost:3089
|
||||
ldap.userDNPattern=uid=\{0\},OU=people,DC=bukova,DC=info
|
||||
@@ -0,0 +1,17 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:security="http://www.springframework.org/schema/security"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
|
||||
<security:authentication-manager>
|
||||
<security:authentication-provider user-service-ref="userService">
|
||||
<security:password-encoder ref="passwordEncoder">
|
||||
<security:salt-source user-property="username" />
|
||||
</security:password-encoder>
|
||||
</security:authentication-provider>
|
||||
</security:authentication-manager>
|
||||
|
||||
</beans>
|
||||
@@ -0,0 +1,46 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:security="http://www.springframework.org/schema/security"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
<!-- LDAP -->
|
||||
|
||||
<!-- embedded server only for testing -->
|
||||
<security:ldap-server root="dc=bukova,dc=info" ldif="classpath:users.ldif" port="3089"/>
|
||||
|
||||
<security:authentication-manager>
|
||||
<security:authentication-provider ref="ldapAuthProvider"/>
|
||||
</security:authentication-manager>
|
||||
|
||||
<bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
|
||||
<constructor-arg value="${ldap.server}"/>
|
||||
</bean>
|
||||
|
||||
<bean id="authenticator" class="org.springframework.security.ldap.authentication.BindAuthenticator">
|
||||
<constructor-arg ref="contextSource"/>
|
||||
<property name="userDnPatterns">
|
||||
<list>
|
||||
<value>${ldap.userDNPattern}</value>
|
||||
</list>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="populator" class="info.bukova.isspst.security.AuthPopulator">
|
||||
<constructor-arg>
|
||||
<ref local="userService"/>
|
||||
</constructor-arg>
|
||||
<constructor-arg>
|
||||
<ref local="roleService"/>
|
||||
</constructor-arg>
|
||||
</bean>
|
||||
|
||||
<bean id="ldapAuthProvider"
|
||||
class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
|
||||
<constructor-arg ref="authenticator"/>
|
||||
<constructor-arg ref="populator"/>
|
||||
</bean>
|
||||
|
||||
|
||||
</beans>
|
||||
@@ -11,7 +11,14 @@
|
||||
<context:annotation-config />
|
||||
<context:component-scan base-package="info.bukova.isspst,org.zkoss.spring.beans.zkcomponents"></context:component-scan>
|
||||
|
||||
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" id="propertyConfigurer" p:location="/WEB-INF/jdbc.properties" />
|
||||
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" id="propertyConfigurer">
|
||||
<property name="locations">
|
||||
<list>
|
||||
<value>/WEB-INF/jdbc.properties</value>
|
||||
<value>/WEB-INF/ldap.properties</value>
|
||||
</list>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<!-- Database -->
|
||||
<bean id="dataSource"
|
||||
@@ -52,7 +59,7 @@
|
||||
<property name="permissionEvaluator" ref="permissionEvaluator" />
|
||||
</bean>
|
||||
|
||||
<bean id="permissionEvaluator" class="info.bukova.isspst.IsspstPermissionEvaluator"/>
|
||||
<bean id="permissionEvaluator" class="info.bukova.isspst.security.IsspstPermissionEvaluator"/>
|
||||
|
||||
<security:http auto-config="true" use-expressions="true">
|
||||
<security:intercept-url pattern="/app/**" access="hasAnyRole('ROLE_USER', 'ROLE_ADMIN')"/>
|
||||
@@ -65,13 +72,8 @@
|
||||
<security:logout invalidate-session="true"/>
|
||||
</security:http>
|
||||
|
||||
<security:authentication-manager>
|
||||
<security:authentication-provider user-service-ref="userService">
|
||||
<security:password-encoder ref="passwordEncoder">
|
||||
<security:salt-source user-property="username" />
|
||||
</security:password-encoder>
|
||||
</security:authentication-provider>
|
||||
</security:authentication-manager>
|
||||
<import resource="database-auth.xml"/>
|
||||
<!-- <import resource="ldap-auth.xml"/> -->
|
||||
|
||||
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
|
||||
<property name="targetClass" value="org.springframework.security.core.context.SecurityContextHolder" />
|
||||
@@ -81,7 +83,7 @@
|
||||
|
||||
<bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/>
|
||||
|
||||
<bean id="loginFail" class="info.bukova.isspst.LoginFailHandler"/>
|
||||
<bean id="loginFail" class="info.bukova.isspst.security.LoginFailHandler"/>
|
||||
|
||||
<!-- DAO -->
|
||||
<bean id="userDao" class="info.bukova.isspst.dao.jpa.UserDaoJPA">
|
||||
|
||||
@@ -2,9 +2,10 @@
|
||||
<zk>
|
||||
<?variable-resolver class="org.zkoss.zkplus.spring.DelegatingVariableResolver"?>
|
||||
|
||||
<window id="passwd" title="Změnit heslo" border="normal" closable="true" width="350px"
|
||||
<window id="passwd" border="normal" closable="true" width="350px"
|
||||
apply="org.zkoss.bind.BindComposer"
|
||||
viewModel="@id('vm') @init('info.bukova.isspst.ui.users.PasswdVM')">
|
||||
<caption src="/img/passwd.png" zclass="form-caption" label="Změnit heslo" />
|
||||
<style src="/app/form.css"/>
|
||||
<grid>
|
||||
<columns>
|
||||
|
||||
Binary file not shown.
|
After Width: | Height: | Size: 2.6 KiB |
Reference in New Issue
Block a user