It's possible to configure XL Release to use multiple LDAP repositories.
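Here's a sample xl-release-security.xml configuration that connects to two LDAP domains, xl.com and xl.emea.com. The sample uses unencrypted ldap:// URLs on localhost and placeholder credentials, so treat those values as stand-ins for a local test setup.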
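<?xml version="1.0" encoding="UTF-8"?>
<!-- Root of the Spring configuration. Each namespace URI and each schema location must be one
     unbroken token: a line break inside an attribute value is read as a space and changes the URI. -->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">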
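<!-- Connection to the first directory, xl.com, at localhost:389.
     ldap:// is unencrypted: the bind password below, and every user password verified through
     this context source, crosses the connection in clear text. Outside a local test, use an
     ldaps:// URL or otherwise protect the connection with TLS. -->
<bean id="ldapServer"
      class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <constructor-arg value="ldap://localhost:389/" />
  <!-- Account used for directory searches. cn=admin and "password" are sample values; a
       dedicated read-only account is enough for user and group lookups. The password is a
       plain value in this file, so limit read access to the account that runs XL Release. -->
  <property name="userDn" value="cn=admin,dc=xl,dc=com" />
  <property name="password" value="password" />
  <property name="baseEnvironmentProperties">
    <map>
      <!-- JNDI referral handling: "ignore" means referrals returned by the server are not followed. -->
      <entry key="java.naming.referral">
        <value>ignore</value>
      </entry>
    </map>
  </property>
</bean>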
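<!-- Finds the entry of the user who is logging in to xl.com.
     index 0: search base; index 1: search filter, where {0} is replaced by the login name;
     index 2: the context source the search runs through. -->
<bean id="userSearch"
      class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <constructor-arg index="0" value="dc=xl,dc=com" />
  <!-- The "&" of the LDAP filter must be written as &amp; inside an XML attribute value;
       a bare "&" makes the file not well-formed. -->
  <constructor-arg index="1" value="(&amp;(uid={0})(objectClass=inetOrgPerson))" />
  <constructor-arg index="2" ref="ldapServer" />
</bean>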
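<!-- Loads the groups of an xl.com user and turns them into authorities.
     First constructor argument: the context source; second: the base under which groups are searched. -->
<bean id="authoritiesPopulator"
      class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
  <constructor-arg ref="ldapServer" />
  <constructor-arg value="ou=users,dc=xl,dc=com" />
  <!-- {0} is replaced by the DN of the authenticated user. -->
  <property name="groupSearchFilter" value="(member={0})" />
  <!-- Empty prefix and no upper-casing: group names become authority names unchanged. Whoever
       can create or edit groups under the search base therefore decides which roles a user
       receives, so keep the base as narrow as the groups that are actually used. -->
  <property name="rolePrefix" value="" />
  <property name="searchSubtree" value="true" />
  <property name="convertToUpperCase" value="false" />
</bean>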
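<!-- Authentication provider for xl.com. BindAuthenticator locates the user with userSearch and
     verifies the password by binding to the directory as that user; authoritiesPopulator then
     supplies the user's authorities. -->
<bean id="ldapProvider"
      class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <constructor-arg>
    <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
      <constructor-arg ref="ldapServer" />
      <property name="userSearch" ref="userSearch" />
    </bean>
  </constructor-arg>
  <constructor-arg ref="authoritiesPopulator" />
</bean>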
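<!-- Connection to the second directory, xl.emea.com, at localhost:1389.
     ldap:// is unencrypted: the bind password below, and every user password verified through
     this context source, crosses the connection in clear text. Outside a local test, use an
     ldaps:// URL or otherwise protect the connection with TLS. -->
<bean id="ldapServer2"
      class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <constructor-arg value="ldap://localhost:1389/" />
  <!-- Account used for directory searches. cn=admin and "password" are sample values; a
       dedicated read-only account is enough for user and group lookups. The password is a
       plain value in this file, so limit read access to the account that runs XL Release. -->
  <property name="userDn" value="cn=admin,dc=xl,dc=emea,dc=com" />
  <property name="password" value="password" />
  <property name="baseEnvironmentProperties">
    <map>
      <!-- JNDI referral handling: "ignore" means referrals returned by the server are not followed. -->
      <entry key="java.naming.referral">
        <value>ignore</value>
      </entry>
    </map>
  </property>
</bean>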
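<!-- Finds the entry of the user who is logging in to xl.emea.com.
     index 0: search base; index 1: search filter, where {0} is replaced by the login name;
     index 2: the context source the search runs through. -->
<bean id="userSearch2"
      class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <constructor-arg index="0" value="dc=xl,dc=emea,dc=com" />
  <!-- The "&" of the LDAP filter must be written as &amp; inside an XML attribute value;
       a bare "&" makes the file not well-formed. -->
  <constructor-arg index="1" value="(&amp;(uid={0})(objectClass=inetOrgPerson))" />
  <constructor-arg index="2" ref="ldapServer2" />
</bean>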
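<!-- Loads the groups of an xl.emea.com user and turns them into authorities.
     First constructor argument: the context source; second: the base under which groups are searched. -->
<bean id="authoritiesPopulator2"
      class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
  <constructor-arg ref="ldapServer2" />
  <constructor-arg value="ou=devs,dc=xl,dc=emea,dc=com" />
  <!-- {0} is replaced by the DN of the authenticated user. -->
  <property name="groupSearchFilter" value="(member={0})" />
  <!-- rolePrefix is empty here, as it is for authoritiesPopulator, so a group in xl.emea.com
       yields the same authority name as an identically named group in xl.com. Check that
       group names shared by both directories are meant to carry the same permissions. -->
  <property name="rolePrefix" value="" />
  <property name="searchSubtree" value="true" />
  <property name="convertToUpperCase" value="false" />
</bean>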
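<!-- Authentication provider for xl.emea.com. BindAuthenticator locates the user with userSearch2
     and verifies the password by binding to the directory as that user; authoritiesPopulator2
     then supplies the user's authorities. -->
<bean id="ldapProvider2"
      class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <constructor-arg>
    <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
      <constructor-arg ref="ldapServer2" />
      <property name="userSearch" ref="userSearch2" />
    </bean>
  </constructor-arg>
  <constructor-arg ref="authoritiesPopulator2" />
</bean>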
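<!-- Provider class shipped in the com.xebialabs.deployit.security package; presumably handles
     remember-me logins (its implementation is not part of this file). The class name must stay
     on one line: a line break inside the attribute value is read as a space. -->
<bean id="rememberMeAuthenticationProvider"
      class="com.xebialabs.deployit.security.authentication.RememberMeAuthenticationProvider" />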
<!-- Providers are consulted in the order listed; a login that one provider rejects is offered to
     the next, so a failed attempt reaches both directories. Nothing in this configuration
     qualifies a login name by domain: the same uid in xl.com and xl.emea.com ends up as the same
     user name, and whichever directory accepts the password first wins.
     XlAuthenticationProvider is not defined in this file; presumably XL Release supplies it. -->
<security:authentication-manager alias="authenticationManager">
  <security:authentication-provider ref="rememberMeAuthenticationProvider"/>
  <security:authentication-provider ref="XlAuthenticationProvider"/>
  <security:authentication-provider ref="ldapProvider"/>
  <security:authentication-provider ref="ldapProvider2"/>
</security:authentication-manager>
</beans>