Spring Security : LDAP truststore, keystore

**muncher** · Aug 26th, 2010, 12:13 PM

Ok, how do I enable or plugin truststore and truststorepassword for LDAP authentication mechanism using spring security framework i.e. where do I configure these parameters, say for example in the security xml !

I am actually, trying to get a config something similar to this -

Code:

        //code from the sample ldap client
.....
        System.setProperty("javax.net.ssl.trustStore","keystore");
        System.setProperty("javax.net.ssl.trustStorePassword","passwd");
......

......
 Hashtable<String,String> env = new Hashtable<String,String>();
            
                env.put( Context.INITIAL_CONTEXT_FACTORY, "com.rrr.xxx.yyyy" );
                env.put( Context.PROVIDER_URL, connectionURL );
            
                // authenticate with given password as current user
                env.put( Context.SECURITY_AUTHENTICATION, "simple" );
                env.put( Context.SECURITY_PRINCIPAL, principal );
                env.put( Context.SECURITY_CREDENTIALS, password );
                env.put("com.sun.jndi.ldap.connect.timeout", LDAP_TIMELIMIT2);

                // create the initial context, this will fail if the password is wrong
                DirContext ctx = new InitialDirContext(env);

I am trying to achieve something to the above in the spring-security framework.

**Luke Taylor** · Aug 26th, 2010, 12:21 PM

LDAPS connections are just SSL so any connection issues are handled at the JRE level. There's nothing LDAP-specific required to enable support for SSL.

Thread: Spring Security : LDAP truststore, keystore

Thread Tools

Display

Spring Security : LDAP truststore, keystore

Posting Permissions