Spring project using CAS for Authentication and LDAP for Authorities
Can I have a Spring 3 project that would use CAS for Authentication and LDAP for Authorities? My Spring project used to use LDAP for Authentication and Authorities but we are moving to CAS for Authentication and SSO but I dont see anyway to use LDAP for Authorities. Below is my XML file can someone help me out here.
Code:<?xml version="1.0" encoding="UTF-8"?> <b:beans xmlns:b="http://www.springframework.org/schema/beans" xmlns="http://www.springframework.org/schema/security" xmlns:p="http://www.springframework.org/schema/p" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd"> <http entry-point-ref="casEntryPoint" use-expressions="true"> <intercept-url pattern="/" access="permitAll" /> <intercept-url pattern="/index.jsp" access="permitAll" /> <intercept-url pattern="/cas-logout.jsp" access="permitAll" /> <intercept-url pattern="/casfailed.jsp" access="permitAll" /> <intercept-url pattern="/secure/**" access="hasRole('ROLE_USER')" /> <intercept-url pattern="/requests/**" access="hasRole('ROLE_MEMBER_INQUIRY')" /> <custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" /> <custom-filter ref="singleLogoutFilter" before="CAS_FILTER" /> <custom-filter ref="casFilter" position="CAS_FILTER" /> <logout logout-success-url="/cas-logout.jsp" /> </http> <authentication-manager alias="authManager"> <authentication-provider ref="casAuthProvider" /> </authentication-manager> <user-service id="userService"> <user name="rod" password="rod" authorities="ROLE_SUPERVISOR,ROLE_USER" /> <user name="cpilling04@aol.com.dev" password="testing" authorities="ROLE_MEMBER_INQUIRY" /> </user-service> <!-- This filter handles a Single Logout Request from the CAS Server --> <b:bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" /> <!-- This filter redirects to the CAS Server to signal Single Logout should be performed --> <b:bean id="requestSingleLogoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter" p:filterProcessesUrl="/j_spring_cas_security_logout"> <b:constructor-arg value="https://${cas.server.host}/cas-server-webapp/logout" /> <b:constructor-arg> <b:bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" /> </b:constructor-arg> </b:bean> <b:bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties" p:service="https://${cas.service.host}/MemberInquiry/j_spring_cas_security_check" p:authenticateAllArtifacts="true" /> <b:bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint" p:serviceProperties-ref="serviceProperties" p:loginUrl="https://${cas.server.host}/cas-server-webapp/login" /> <b:bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter" p:authenticationManager-ref="authManager" p:serviceProperties-ref="serviceProperties" p:proxyGrantingTicketStorage-ref="pgtStorage" p:proxyReceptorUrl="/j_spring_cas_security_proxyreceptor"> <b:property name="authenticationDetailsSource"> <b:bean class="org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource" /> </b:property> <b:property name="authenticationFailureHandler"> <b:bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" p:defaultFailureUrl="/casfailed.jsp" /> </b:property> <b:property name="authenticationSuccessHandler"> <b:bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler" p:defaultTargetUrl="/requests/add.html" /> </b:property> </b:bean> <!-- NOTE: In a real application you should not use an in memory implementation. You will also want to ensure to clean up expired tickets by calling ProxyGrantingTicketStorage.cleanup() --> <b:bean id="pgtStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" /> <b:bean id="casAuthProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider" p:serviceProperties-ref="serviceProperties" p:key="casAuthProviderKey"> <b:property name="authenticationUserDetailsService"> <b:bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <b:constructor-arg ref="userService" /> </b:bean> </b:property> <b:property name="ticketValidator"> <b:bean class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator" p:acceptAnyProxy="true" p:proxyCallbackUrl="https://${cas.service.host}/MemberInquiry/j_spring_cas_security_proxyreceptor" p:proxyGrantingTicketStorage-ref="pgtStorage"> <b:constructor-arg value="https://${cas.server.host}/cas-server-webapp" /> </b:bean> </b:property> <b:property name="statelessTicketCache"> <b:bean class="org.springframework.security.cas.authentication.EhCacheBasedTicketCache"> <b:property name="cache"> <b:bean class="net.sf.ehcache.Cache" init-method="initialise" destroy-method="dispose"> <b:constructor-arg value="casTickets" /> <b:constructor-arg value="50" /> <b:constructor-arg value="true" /> <b:constructor-arg value="false" /> <b:constructor-arg value="3600" /> <b:constructor-arg value="900" /> </b:bean> </b:property> </b:bean> </b:property> </b:bean> <!-- Configuration for the environment can be overriden by system properties --> <context:property-placeholder system-properties-mode="OVERRIDE" properties-ref="environment" /> <util:properties id="environment"> <b:prop key="cas.service.host">wcmisdlin07.uftmasterad.org:8443</b:prop> <b:prop key="cas.server.host">wcmisdlin07.uftmasterad.org:8443</b:prop> </util:properties> </b:beans>
