In a web application running on JBOSS EAP 6 that uses spring 4.1.6, spring security 4.0.1, and JavaConfig we are trying to implement LDAP authentication but instead of defining the properties of the LDAP server (url, etc.) in the configure(AuthenticationManagerBuilder auth) method we would like to obtain the properties from a JBOSS Security Domain that is already configure on the container and has all the needed property.
We tried couple things and searched the web for approaches to accomplish this but were not able to find a solution.
This is what we currently have:
/WEB-INF/jboss-web.xml: jboss-web security-domain java:/jaas/ad-ldap security-domain jboss-web
Security configuration class:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().realmName("ad-ldap");
http.formLogin().loginPage("/login").loginProcessingUrl("/loginProcess");
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userSearchBase("OU=users,DC=local")
.userSearchFilter("(sAMAccountName={0})")
.groupSearchBase("OU=groups,DC=local")
.groupSearchFilter("sAMAccountName={0}");
}
}
Thanks
You only need to defined the LDAP server URL in the security domain in the standalone XML.
http://www.mastertheboss.com/jboss-server/jboss-security/configure-jboss-with-ldap?start=1 But note in the example above the Realm name element in your web.xml should be:
https://docs.jboss.org/author/display/WFLY8/Examples