Now, since we have plugged in the LDAP information, it is time to stitch it with Spring Security. The easiest thing to do is:
@Configuration
@EnableWebSecurity(debug = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private static final Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
@Autowired
private LdapContextSource ldapContextSource;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().and().authorizeRequests().antMatchers("/users","/").permitAll()
.anyRequest().authenticated().and().csrf().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication().contextSource(ldapContextSource)
.userSearchBase("ou=users")
.groupSearchBase("ou=groups")
.groupSearchFilter("member={0}")
.userDnPatterns("ou=users,dc=example,dc=com")
.userSearchFilter("uid={0}");
}
}