rave-commits mailing list archives

From ja...@apache.org
Subject svn commit: r1236679 - in /incubator/rave/trunk: ./ rave-components/rave-web/ rave-components/rave-web/src/main/java/org/apache/rave/portal/web/security/ rave-components/rave-web/src/test/java/org/apache/rave/portal/web/security/ rave-portal-dependenci...
Date Fri, 27 Jan 2012 13:33:40 GMT
Author: jasha
Date: Fri Jan 27 13:33:40 2012
New Revision: 1236679

URL: http://svn.apache.org/viewvc?rev=1236679&view=rev
Log:
RAVE-444 add out of the box ldap authentication with one way userdetail copy (from LDAP to
Rave)

Added:
    incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/security/
    incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapper.java
    incubator/rave/trunk/rave-components/rave-web/src/test/java/org/apache/rave/portal/web/security/
    incubator/rave/trunk/rave-components/rave-web/src/test/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapperTest.java
    incubator/rave/trunk/rave-portal-resources/src/main/resources/users.ldiff
Modified:
    incubator/rave/trunk/pom.xml
    incubator/rave/trunk/rave-components/rave-web/pom.xml
    incubator/rave/trunk/rave-portal-dependencies/pom.xml
    incubator/rave/trunk/rave-portal-resources/pom.xml
    incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml
    incubator/rave/trunk/rave-portal/pom.xml

Modified: incubator/rave/trunk/pom.xml
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/pom.xml?rev=1236679&r1=1236678&r2=1236679&view=diff
==============================================================================
--- incubator/rave/trunk/pom.xml (original)
+++ incubator/rave/trunk/pom.xml Fri Jan 27 13:33:40 2012
@@ -46,7 +46,7 @@
     <properties>
         <apache.shindig.version>3.0.0-beta4</apache.shindig.version>
         <org.springframework.version>3.1.0.RELEASE</org.springframework.version>
-        <org.springframework.mobile.version>1.0.0.M3</org.springframework.mobile.version>
       
+        <org.springframework.mobile.version>1.0.0.M3</org.springframework.mobile.version>
         <jstl.version>1.2</jstl.version>
         <javax.servlet.version>2.5</javax.servlet.version>
         <jsp-api.version>2.1</jsp-api.version>
@@ -71,6 +71,7 @@
         <org.hamcrest.version>1.1</org.hamcrest.version>
         <tiles.version>2.2.2</tiles.version>
         <recaptcha4j.version>0.0.7</recaptcha4j.version>
+        <apacheds.version>1.5.5</apacheds.version>
 
         <!-- The location of Rave's H2 file DB. No trailing / -->
         <rave.database.location>/tmp/rave_db</rave.database.location>
@@ -243,6 +244,11 @@
                 <version>${org.springframework.version}</version>
             </dependency>
             <dependency>
+                <groupId>org.springframework.security</groupId>
+                <artifactId>spring-security-ldap</artifactId>
+                <version>${org.springframework.version}</version>
+            </dependency>
+            <dependency>
                 <groupId>org.springframework</groupId>
                 <artifactId>spring-core</artifactId>
                 <version>${org.springframework.version}</version>
@@ -256,7 +262,7 @@
                     <artifactId>spring-web</artifactId>
                 </exclusion>
             </exclusions>
-            </dependency>                        
+            </dependency>
             <dependency>
                 <groupId>com.google.inject.extensions</groupId>
                 <artifactId>guice-persist</artifactId>
@@ -393,6 +399,20 @@
                 <version>${recaptcha4j.version}</version>
             </dependency>
 
+            <!-- ApacheDS (LDAP) -->
+            <dependency>
+                <groupId>org.apache.directory.server</groupId>
+                <artifactId>apacheds-core</artifactId>
+                <version>${apacheds.version}</version>
+            </dependency>
+
+            <dependency>
+                <groupId>org.apache.directory.server</groupId>
+                <artifactId>apacheds-server-jndi</artifactId>
+                <version>${apacheds.version}</version>
+            </dependency>
+
+
             <!-- Test -->
             <dependency>
                 <groupId>junit</groupId>

Modified: incubator/rave/trunk/rave-components/rave-web/pom.xml
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-components/rave-web/pom.xml?rev=1236679&r1=1236678&r2=1236679&view=diff
==============================================================================
--- incubator/rave/trunk/rave-components/rave-web/pom.xml (original)
+++ incubator/rave/trunk/rave-components/rave-web/pom.xml Fri Jan 27 13:33:40 2012
@@ -61,6 +61,10 @@
             <artifactId>spring-security-web</artifactId>
         </dependency>
         <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-ldap</artifactId>
+        </dependency>
+        <dependency>
             <groupId>org.springframework.mobile</groupId>
             <artifactId>spring-mobile-device</artifactId>
         </dependency>

Added: incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapper.java
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapper.java?rev=1236679&view=auto
==============================================================================
--- incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapper.java
(added)
+++ incubator/rave/trunk/rave-components/rave-web/src/main/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapper.java
Fri Jan 27 13:33:40 2012
@@ -0,0 +1,118 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.rave.portal.web.security;
+
+import org.apache.commons.lang.RandomStringUtils;
+import org.apache.commons.lang.StringUtils;
+import org.apache.rave.portal.model.NewUser;
+import org.apache.rave.portal.model.User;
+import org.apache.rave.portal.service.NewAccountService;
+import org.apache.rave.portal.service.UserService;
+import org.springframework.ldap.core.DirContextAdapter;
+import org.springframework.ldap.core.DirContextOperations;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;
+
+import java.util.Collection;
+
+/**
+ * Mapping class between a Rave User and LDAP user
+ */
+public class LdapUserDetailsContextMapper implements UserDetailsContextMapper {
+
+    private final UserService userService;
+
+    private final NewAccountService newAccountService;
+
+    private final String mailAttributeName;
+
+    private final String displayNameAttributeName;
+
+    private final String pageLayoutCode;
+
+    /**
+     * Creates new {@link LdapUserDetailsContextMapper}
+     *
+     * @param userService              service that can look up user details within Rave
+     * @param newAccountService        service that creates new accounts in Rave
+     * @param mailAttributeName        name of the email attribute in LDAP
+     * @param displayNameAttributeName name of the displayName (pretty name) attribute in
LDAP
+     * @param pageLayoutCode           defines which page layout is assigned in case of a
new Rave user
+     */
+    public LdapUserDetailsContextMapper(UserService userService, NewAccountService newAccountService,
+                                        String mailAttributeName, String displayNameAttributeName,
+                                        String pageLayoutCode) {
+        this.userService = userService;
+        this.newAccountService = newAccountService;
+        this.mailAttributeName = mailAttributeName;
+        this.displayNameAttributeName = displayNameAttributeName;
+        this.pageLayoutCode = pageLayoutCode;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public UserDetails mapUserFromContext(DirContextOperations ctx, String username,
+                                          Collection<? extends GrantedAuthority> authorities)
{
+        if (StringUtils.isBlank(username)) {
+            throw new IllegalArgumentException("Empty username from LDAP");
+        }
+
+        User byUsername = userService.getUserByUsername(username);
+        if (byUsername == null) {
+            createRaveUserFromLdapInfo(ctx, username);
+            byUsername = userService.getUserByUsername(username);
+        }
+
+        return byUsername;
+    }
+
+    private void createRaveUserFromLdapInfo(DirContextOperations ctx, String username) {
+        NewUser newUser = new NewUser();
+        newUser.setUsername(username);
+
+        if (!ctx.attributeExists(mailAttributeName) || StringUtils.isBlank(ctx.getStringAttribute(mailAttributeName)))
{
+            throw new RuntimeException("Missing LDAP attribute for email for user " + username);
+        }
+
+        newUser.setEmail(ctx.getStringAttribute(mailAttributeName));
+        if (ctx.attributeExists(displayNameAttributeName)) {
+            newUser.setDisplayName(ctx.getStringAttribute(displayNameAttributeName));
+        }
+        newUser.setPassword(RandomStringUtils.random(16));
+        newUser.setPageLayout(pageLayoutCode);
+        try {
+            newAccountService.createNewAccount(newUser);
+        } catch (Exception e) {
+            throw new RuntimeException("Could not bind LDAP username '{" + username + "}'
to a user", e);
+        }
+    }
+
+    /**
+     * {@inheritDoc}
+     * <p/>
+     * LDAP is leading, no updates from the Rave user database to LDAP
+     */
+    @Override
+    public void mapUserToContext(UserDetails user, DirContextAdapter ctx) {
+    }
+}
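Review bot: `newUser.setPassword(RandomStringUtils.random(16))` in createRaveUserFromLdapInfo draws the local password from commons-lang's shared `java.util.Random`, which is not a cryptographic generator. The security configuration in this commit keeps the local `userService` authentication provider active, so that value appears to remain a usable credential for the auto-provisioned account. Pass a `SecureRandom` through the seven-argument overload, e.g. `newUser.setPassword(RandomStringUtils.random(32, 0, 0, true, true, null, new SecureRandom()));`, or store a value the local provider can never match. Separately, mapUserFromContext returns whatever `getUserByUsername(username)` finds, so an LDAP uid equal to an existing local username is signed in as that local account, and the second lookup after creation can still return null. A class-level comment stating the intended trust between the two user stores, and a null check before `return byUsername;`, would make both cases explicit.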

Added: incubator/rave/trunk/rave-components/rave-web/src/test/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapperTest.java
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-components/rave-web/src/test/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapperTest.java?rev=1236679&view=auto
==============================================================================
--- incubator/rave/trunk/rave-components/rave-web/src/test/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapperTest.java
(added)
+++ incubator/rave/trunk/rave-components/rave-web/src/test/java/org/apache/rave/portal/web/security/LdapUserDetailsContextMapperTest.java
Fri Jan 27 13:33:40 2012
@@ -0,0 +1,183 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.rave.portal.web.security;
+
+import org.apache.rave.portal.model.User;
+import org.apache.rave.portal.service.NewAccountService;
+import org.apache.rave.portal.service.UserService;
+import org.junit.Before;
+import org.junit.Test;
+import org.springframework.ldap.core.DirContextAdapter;
+import org.springframework.ldap.core.DirContextOperations;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collections;
+
+import static junit.framework.Assert.assertEquals;
+import static junit.framework.Assert.assertFalse;
+import static junit.framework.Assert.assertTrue;
+import static org.easymock.EasyMock.createMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.expectLastCall;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+
+/**
+ * Test class for {@link LdapUserDetailsContextMapper}
+ */
+public class LdapUserDetailsContextMapperTest {
+
+    private static final String MAIL_ATTRIBUTE_NAME = "mail";
+    private static final String DISPLAY_NAME_ATTRIBUTE_NAME = "displayName";
+
+    private LdapUserDetailsContextMapper contextMapper;
+    private UserService userService;
+
+    @Before
+    public void setUp() throws Exception {
+        userService = createMock(UserService.class);
+        NewAccountService newAccountService = createMock(NewAccountService.class);
+        contextMapper = new LdapUserDetailsContextMapper(userService, newAccountService,
+                MAIL_ATTRIBUTE_NAME, DISPLAY_NAME_ATTRIBUTE_NAME, "columns_3");
+    }
+
+    @Test
+    public void testMapUserFromContext_new() throws Exception {
+        DirContextOperations ctx = createMock(DirContextOperations.class);
+
+        final String username = "johnldap";
+        User user = new User(123L, username);
+
+        expect(userService.getUserByUsername(username)).andReturn(null).once();
+        expect(ctx.attributeExists(MAIL_ATTRIBUTE_NAME)).andReturn(true);
+        expect(ctx.getStringAttribute(MAIL_ATTRIBUTE_NAME)).andReturn("johnldap@example.com").times(2);
+        expect(ctx.attributeExists(DISPLAY_NAME_ATTRIBUTE_NAME)).andReturn(true);
+        expect(ctx.getStringAttribute(DISPLAY_NAME_ATTRIBUTE_NAME)).andReturn("John Ldap");
+        expect(userService.getUserByUsername(username)).andReturn(user).once();
+        expectLastCall();
+
+        replay(userService, ctx);
+
+        final UserDetails userDetails =
+                contextMapper.mapUserFromContext(ctx, username, Collections.<GrantedAuthority>emptyList());
+
+        verify(userService, ctx);
+        assertEquals(user, userDetails);
+    }
+
+    @Test
+    public void testMapUserFromContext_new_no_displayname() throws Exception {
+        DirContextOperations ctx = createMock(DirContextOperations.class);
+
+        final String username = "johnldap";
+        User user = new User(123L, username);
+
+        expect(userService.getUserByUsername(username)).andReturn(null).once();
+        expect(ctx.attributeExists(MAIL_ATTRIBUTE_NAME)).andReturn(true);
+        expect(ctx.getStringAttribute(MAIL_ATTRIBUTE_NAME)).andReturn("johnldap@example.com").times(2);
+        expect(ctx.attributeExists(DISPLAY_NAME_ATTRIBUTE_NAME)).andReturn(false);
+        expect(userService.getUserByUsername(username)).andReturn(user).once();
+        expectLastCall();
+
+        replay(userService, ctx);
+
+        final UserDetails userDetails =
+                contextMapper.mapUserFromContext(ctx, username, Collections.<GrantedAuthority>emptyList());
+
+        verify(userService, ctx);
+        assertEquals(user, userDetails);
+    }
+
+    @Test(expected = IllegalArgumentException.class)
+    public void testMapUserFromContext_new_empty_username() throws Exception {
+        DirContextOperations ctx = createMock(DirContextOperations.class);
+
+        final String username = "";
+
+        contextMapper.mapUserFromContext(ctx, username, Collections.<GrantedAuthority>emptyList());
+
+        assertFalse("Exception thrown", true);
+    }
+
+    @Test(expected = RuntimeException.class)
+    public void testMapUserFromContext_missing_mail() throws Exception {
+        DirContextOperations ctx = createMock(DirContextOperations.class);
+
+        final String username = "johnldap";
+
+        expect(userService.getUserByUsername(username)).andReturn(null).once();
+        expect(ctx.attributeExists(MAIL_ATTRIBUTE_NAME)).andReturn(false);
+
+        replay(userService, ctx);
+
+        contextMapper.mapUserFromContext(ctx, username, Collections.<GrantedAuthority>emptyList());
+
+        verify(userService, ctx);
+        assertFalse("Exception thrown", true);
+    }
+
+    @Test(expected = RuntimeException.class)
+    public void testMapUserFromContext_empty_mail() throws Exception {
+        DirContextOperations ctx = createMock(DirContextOperations.class);
+
+        final String username = "johnldap";
+
+        expect(userService.getUserByUsername(username)).andReturn(null).once();
+        expect(ctx.attributeExists(MAIL_ATTRIBUTE_NAME)).andReturn(true);
+        expect(ctx.getStringAttribute(MAIL_ATTRIBUTE_NAME)).andReturn("").times(1);
+
+        replay(userService, ctx);
+
+        contextMapper.mapUserFromContext(ctx, username, Collections.<GrantedAuthority>emptyList());
+
+        verify(userService, ctx);
+        assertFalse("Exception thrown", true);
+    }
+
+    @Test
+    public void testMapUserFromContext_existing() throws Exception {
+        DirContextOperations ctx = createMock(DirContextOperations.class);
+
+        final String username = "johnldap";
+        User user = new User(123L, username);
+
+        expect(userService.getUserByUsername(username)).andReturn(user);
+        expectLastCall();
+
+        replay(userService);
+
+        final UserDetails userDetails =
+                contextMapper.mapUserFromContext(ctx, username, Collections.<GrantedAuthority>emptyList());
+
+        verify(userService);
+        assertEquals(user, userDetails);
+    }
+
+    @Test
+    public void testMapUserToContext() throws Exception {
+        User user = new User();
+        DirContextAdapter adapter = new DirContextAdapter();
+
+        contextMapper.mapUserToContext(user, adapter);
+
+        assertTrue("Nothing happened", true);
+    }
+}
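Review bot: The `newAccountService` mock created in setUp is a local variable that is never passed to `replay(...)` or `verify(...)`, so none of the "new user" tests checks that `createNewAccount` is called, or that the `NewUser` carries the mail, display name and page layout taken from the directory. Keep it in a field (`private NewAccountService newAccountService;`), record the expected call, and use `replay(userService, newAccountService, ctx);` with the matching `verify`. In the three `@Test(expected = ...)` methods the trailing `verify(...)` and `assertFalse("Exception thrown", true)` lines are unreachable once the exception is thrown and can be dropped. The `expectLastCall()` after a value-returning `expect(...).andReturn(...)` looks redundant.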

Modified: incubator/rave/trunk/rave-portal-dependencies/pom.xml
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-portal-dependencies/pom.xml?rev=1236679&r1=1236678&r2=1236679&view=diff
==============================================================================
--- incubator/rave/trunk/rave-portal-dependencies/pom.xml (original)
+++ incubator/rave/trunk/rave-portal-dependencies/pom.xml Fri Jan 27 13:33:40 2012
@@ -55,7 +55,7 @@
             <groupId>org.apache.rave</groupId>
             <artifactId>rave-w3c-provider</artifactId>
         </dependency>
-        
+
         <!-- Spring -->
         <dependency>
             <groupId>org.springframework</groupId>
@@ -94,6 +94,11 @@
         </dependency>
 
         <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-ldap</artifactId>
+        </dependency>
+
+        <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-oxm</artifactId>
             <version>${org.springframework.version}</version>
@@ -113,6 +118,12 @@
             </exclusions>
         </dependency>
 
+        <!-- Apache DS (LDAP) -->
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-core</artifactId>
+        </dependency>
+
         <!-- JSTL -->
         <dependency>
             <groupId>org.glassfish.web</groupId>
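Review bot: `apacheds-core` is added here with no `<scope>` or `<optional>`, so the embedded directory server presumably ends up on the classpath of every build that depends on rave-portal-dependencies, including ones that authenticate against an external LDAP server. The comment this commit adds in rave-portal/pom.xml already says the embedded pieces are not needed for external LDAP. Consider a comment here such as `<!-- Apache DS (LDAP): embedded demo directory only, exclude when using an external LDAP server -->`, or move the dependency into a demo profile so production packaging does not carry a directory server it does not use.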
@@ -134,7 +145,7 @@
             <groupId>org.apache.tiles</groupId>
             <artifactId>tiles-jsp</artifactId>
         </dependency>
-        
+
     </dependencies>
 
 </project>

Modified: incubator/rave/trunk/rave-portal-resources/pom.xml
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-portal-resources/pom.xml?rev=1236679&r1=1236678&r2=1236679&view=diff
==============================================================================
--- incubator/rave/trunk/rave-portal-resources/pom.xml (original)
+++ incubator/rave/trunk/rave-portal-resources/pom.xml Fri Jan 27 13:33:40 2012
@@ -55,6 +55,11 @@
             <scope>provided</scope>
         </dependency>
         <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-ldap</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
             <groupId>org.apache.rave</groupId>
             <artifactId>rave-web</artifactId>
             <scope>provided</scope>
@@ -66,14 +71,14 @@
         </dependency>
     </dependencies>
 
-	 <build>
-		<resources>
-		  <resource>
-			 <directory>src/main/resources</directory>
-			 <filtering>true</filtering>
-		  </resource>
-		</resources>
-		<plugins>
+    <build>
+        <resources>
+            <resource>
+                <directory>src/main/resources</directory>
+                <filtering>true</filtering>
+            </resource>
+        </resources>
+        <plugins>
             <plugin>
                 <groupId>com.googlecode.mavenfilesync</groupId>
                 <artifactId>maven-filesync-plugin</artifactId>

Added: incubator/rave/trunk/rave-portal-resources/src/main/resources/users.ldiff
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-portal-resources/src/main/resources/users.ldiff?rev=1236679&view=auto
==============================================================================
--- incubator/rave/trunk/rave-portal-resources/src/main/resources/users.ldiff (added)
+++ incubator/rave/trunk/rave-portal-resources/src/main/resources/users.ldiff Fri Jan 27 13:33:40
2012
@@ -0,0 +1,59 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+version: 1
+
+dn: ou=groups,dc=rave,dc=apache,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: groups
+
+dn: ou=people,dc=rave,dc=apache,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: people
+
+dn: uid=janeldap,ou=people,dc=rave,dc=apache,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Jane Ldap
+sn: Ldap
+uid: janeldap
+userPassword: janeldap
+displayName: Jane Ldap
+mail: janeldap@example.com
+
+dn: uid=johnldap,ou=people,dc=rave,dc=apache,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: John Ldap
+sn: Ldap
+uid: johnldap
+userPassword: johnldap
+displayName: John Ldap
+mail: johnldap@example.com
+
+dn: cn=user,ou=groups,dc=rave,dc=apache,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: user
+member: uid=raveldapuser,ou=people,dc=rave,dc=apache,dc=org
\ No newline at end of file
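Review bot: The `cn=user` group lists `member: uid=raveldapuser,ou=people,dc=rave,dc=apache,dc=org`, but no such entry is defined in this file (only `janeldap` and `johnldap`). The `group-search-filter="member={0}"` configured in applicationContext-security.xml would therefore match neither sample user. If the group is meant to cover them, use `member: uid=janeldap,ou=people,dc=rave,dc=apache,dc=org` and `member: uid=johnldap,ou=people,dc=rave,dc=apache,dc=org`. The header comment should also state that these entries, whose `userPassword` equals the `uid`, are demo data and must not be loaded into a real deployment. The conventional extension for this format is `.ldif`, and the file lacks a trailing newline.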

Modified: incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml?rev=1236679&r1=1236678&r2=1236679&view=diff
==============================================================================
--- incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml
(original)
+++ incubator/rave/trunk/rave-portal-resources/src/main/webapp/WEB-INF/applicationContext-security.xml
Fri Jan 27 13:33:40 2012
@@ -52,13 +52,32 @@
         <security:remember-me/>
     </security:http>
 
+    <security:ldap-server ldif="classpath:users.ldiff" root="dc=rave,dc=apache,dc=org"
/>
+
     <security:authentication-manager>
+        <security:ldap-authentication-provider
+                group-search-filter="member={0}"
+                group-search-base="ou=groups"
+                user-search-base="ou=people"
+                user-search-filter="uid={0}"
+                user-context-mapper-ref="raveUserContextMapper"/>
+
         <security:authentication-provider
                 user-service-ref="userService">
-            <security:password-encoder ref="passwordEncoder" />
+            <security:password-encoder ref="passwordEncoder"/>
         </security:authentication-provider>
     </security:authentication-manager>
-    
+
+
+
+    <bean id="raveUserContextMapper" class="org.apache.rave.portal.web.security.LdapUserDetailsContextMapper"
>
+        <constructor-arg name="userService" ref="userService"/>
+        <constructor-arg name="newAccountService" ref="defaultNewAccountService"/>
+        <constructor-arg name="mailAttributeName" value="mail"/>
+        <constructor-arg name="displayNameAttributeName" value="displayName"/>
+        <constructor-arg name="pageLayoutCode" value="columns_3"/>
+    </bean>
+
     <!-- enable the spring security annotations -->
     <security:global-method-security secured-annotations="enabled" pre-post-annotations="enabled">
         <security:expression-handler ref="expressionHandler"/>
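Review bot: The added `<security:ldap-server ldif="classpath:users.ldiff" .../>` puts an embedded directory, seeded with the sample entries from users.ldiff, into the default authentication manager. A deployment that leaves this file unchanged therefore accepts the sample logins (their `userPassword` equals the `uid`) and auto-provisions Rave accounts for them through `raveUserContextMapper`. Consider moving the embedded server and the `ldap-authentication-provider` into a Spring profile or a separate demo context file, so that the default configuration does not authenticate against shipped credentials. At minimum add a comment above the element, e.g. `<!-- Embedded ApacheDS with sample users: demo only; use url="ldap://..." for a real directory -->`. The surrounding `<beans>` element starts and ends outside this hunk, so where a profile wrapper would go cannot be confirmed from here.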

Modified: incubator/rave/trunk/rave-portal/pom.xml
URL: http://svn.apache.org/viewvc/incubator/rave/trunk/rave-portal/pom.xml?rev=1236679&r1=1236678&r2=1236679&view=diff
==============================================================================
--- incubator/rave/trunk/rave-portal/pom.xml (original)
+++ incubator/rave/trunk/rave-portal/pom.xml Fri Jan 27 13:33:40 2012
@@ -102,17 +102,23 @@
             <artifactId>spring-test</artifactId>
         </dependency>
 
+        <!-- apacheds-server-jndi needed for embedded Apache DS, not needed for external
LDAP -->
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-server-jndi</artifactId>
+        </dependency>
+
     </dependencies>
 
     <build>
-	<defaultGoal>install</defaultGoal>
-	<testResources>
-	  <testResource>
-	      <directory>src/test/resources</directory>
-	      <filtering>true</filtering>
-	  </testResource>
-	</testResources>
-		
+        <defaultGoal>install</defaultGoal>
+        <testResources>
+            <testResource>
+                <directory>src/test/resources</directory>
+                <filtering>true</filtering>
+            </testResource>
+        </testResources>
+
         <plugins>
             <plugin>
                 <groupId>org.codehaus.cargo</groupId>
@@ -162,7 +168,7 @@
                         <zipUrlInstaller>
                             <downloadDir>${settings.localRepository}/org/codehaus/cargo/cargo-container-archives</downloadDir>
                             <url>
-                                http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.32/bin/apache-tomcat-6.0.32.tar.gz
+                                http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.35/bin/apache-tomcat-6.0.35.tar.gz
                             </url>
                         </zipUrlInstaller>
                         <systemProperties>


