-
Mar 14th, 2011, 01:01 PM
#1
ldap Spring security authenticate on multiple values
Is it possible to authenticate based on uid and AD groups to define a user's role(s)?
If so, can you please provide some guidance on what is required?
Thanks
-
Mar 22nd, 2011, 11:35 AM
#2
bump -- does anyone know if this is possible?
-
Mar 23rd, 2011, 05:32 AM
#3
Hi!
I guess I am not really sure what you mean, since you're talking about two different concepts. Authentication deals with user identification (is the user identifiable as a valid user). Authorization deals with user roles (what does the user have access to). These are handled by two separate concerns using any type of security provider. Can you provide a specific example of what you are trying to do? The standard Spr Sec LDAP classes do support flexible methods of authentication (finding the user in LDAP / Active Directory) and authorization (figuring out what groups they belong to), but you can always extend the standard classes to do what you need, if you want.
Thanks!
Peter
Peter Mularien | Blog
Author, Spring Security 3 (Book) - Packt Publishing, Available in print and eBook form
SCJP 5, Oracle DBA
Any postings are my own opinion, and should not be attributed to my employer or clients.
-
Mar 23rd, 2011, 09:34 AM
#4
Peter, thanks for the response.
What I'm trying to do is authenticate a user using the Spring 3 Kerberos extension and then grant them authorization based on Ldap groups / principal names.
I would like to define which principal names / Ldap groups get which particular role within the <security:user-service> section of the context.xml.
Any guidance you (or anyone) can provide would be greatly appreciated. Thanks again for your help.
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Junior Member
Reply With Quote