A restx module for interacting with an LDAP server in the context of user authentication

walien/restx-ldap

restx-ldap

A restx module for interacting with an LDAP server in the context of user authentication. The LDAP client library used is Apache Directory, which is compatible with all LDAP implementations. For testing purposes, an OpenLDAP docker-compose file is available.

First we need to define two implementations: a user service (this component ensures authentication by retrieving the user by name and by checking credentials), which uses a user repository (the data access layer):

    // Data access layer: looks users up in the LDAP directory.
    @Component
    public class MyLdapUserRepository extends LdapUserRepository<User> {

        public MyLdapUserRepository(LdapConnection ldapConnection, LdapSettings ldapSettings, LdapUserDefinition userDefinition, User defaultAdmin) {
            super(ldapConnection, ldapSettings, userDefinition, defaultAdmin);
        }
    }

    // User service: retrieves a user by name and checks credentials through the repository.
    @Component
    public class MyLdapUserService extends LdapUserService<User> {

        public MyLdapUserService(LdapUserRepository userRepository, CredentialsStrategy credentialsStrategy) {
            super(userRepository, credentialsStrategy);
        }
    }

Finally, an example of an LDAP module:

    // JDK imports used below; imports for the restx, restx-ldap and Apache Directory types are omitted.
    import java.util.List;
    import java.util.stream.Collectors;

    @Module
    public class SecurityModule {

        // Authenticator backed by the LDAP user service.
        @Provides
        public BasicPrincipalAuthenticator authenticator(LdapUserService userService, SecuritySettings securitySettings) {
            return new StdBasicPrincipalAuthenticator(userService, securitySettings);
        }

        /**
         * Ensures the mapping between an LDAP entry and a domain-specific user. The
         * interface can also resolve credentials from a specific field of the LDAP entry
         * ('userPassword' by default).
         */
        @Provides
        public LdapUserDefinition ldapUserDefinition() {
            return new LdapUserDefinition<User>() {
                @Override
                public User mapToPrincipal(Entry ldapEntry) {
                    // Roles are read from the values of the 'businessCategory' attribute.
                    List<Role> roles = CommonUtils.stream(ldapEntry.get("businessCategory"))
                            .map(Value::getString)
                            .map(Role::valueOf)
                            .collect(Collectors.toList());
                    return new User()
                            .setFirstName(ldapEntry.get("givenname").get().getString())
                            .setLastName(ldapEntry.get("sn").get().getString())
                            .setLogin(ldapEntry.get("uid").get().getString())
                            .setEmail(ldapEntry.get("mail").get().getString())
                            .setRoles(roles);
                }
            };
        }
    }
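
A more defensive variant of the `mapToPrincipal` mapping above, added here as an illustration (not code from restx-ldap): `Entry.get` returns `null` for an absent attribute and an enum `valueOf` throws on an unrecognised name, so this version rejects entries without `uid`, tolerates a missing `mail`, and grants no role for unknown `businessCategory` values. `SafeLdapMapping`, `MappedUser`, `Role` and the sample entry are hypothetical; it assumes `Role` is an enum, Java 16+ and the Apache Directory LDAP API on the classpath.

```java
import java.util.EnumSet;
import java.util.Set;
import org.apache.directory.api.ldap.model.entry.Attribute;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.Value;
import org.apache.directory.api.ldap.model.exception.LdapException;

public class SafeLdapMapping {
    enum Role { ADMIN, USER }                                           // hypothetical application roles
    record MappedUser(String login, String email, Set<Role> roles) {}   // stand-in for the app's User

    // Required attribute: reject the entry explicitly instead of failing with a NullPointerException.
    static String required(Entry e, String id) {
        Attribute a = e.get(id);
        if (a == null || a.size() == 0) throw new IllegalArgumentException("LDAP entry lacks '" + id + "'");
        return a.get().getString();
    }

    // Optional attribute: absent simply means null.
    static String optional(Entry e, String id) {
        Attribute a = e.get(id);
        return (a == null || a.size() == 0) ? null : a.get().getString();
    }

    // Only exact names of known roles are granted; any other directory value grants nothing.
    static Set<Role> roles(Entry e, String id) {
        Set<Role> granted = EnumSet.noneOf(Role.class);
        Attribute a = e.get(id);
        if (a == null) return granted;
        for (Value v : a) {
            try { granted.add(Role.valueOf(v.getString())); }
            catch (IllegalArgumentException unknown) { /* not a known role: skip it */ }
        }
        return granted;
    }

    static MappedUser map(Entry e) {
        return new MappedUser(required(e, "uid"), optional(e, "mail"), roles(e, "businessCategory"));
    }

    public static void main(String[] args) throws LdapException {
        // Constructed sample entry: no 'mail', and one businessCategory value that is not a role.
        Entry entry = new DefaultEntry("uid=jdoe,ou=people,dc=example,dc=org",
                "objectClass: inetOrgPerson", "uid: jdoe", "cn: John Doe", "sn: Doe",
                "businessCategory: USER", "businessCategory: superuser");
        System.out.println(map(entry));
    }
}
```

Dropping unknown values keeps a typo or an unexpected string in the directory from either breaking login or being interpreted as a privilege; log the skipped value if you need to audit directory hygiene.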
