ASB Notebook

Spring Security User Login Example With LDAP

In this article, we will learn how to use an LDAP server and Spring Security to implement user authentication.

We will use an embedded LDAP server to store the user credentials.

Version details:

  • Spring boot version: 2.4.0
  • Java version 11.

Table of Contents

  • Creating the Spring security login with LDAP
  • Configure spring security and embedded LDAP
    • Setup embedded LDAP
    • Configure the spring security
    • Create a secured resource
  • Testing the application
  • Conclusion

Creating the Spring security login with LDAP

Create a new Spring Boot project. Add the Maven dependencies below to the application's pom.xml configuration file.

The unboundid-ldapsdk dependency helps us by setting up an embedded LDAP server during runtime.

Also, the spring-security-ldap dependency provides the required support for LDAP-based security in our application.

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-ldap</artifactId>
</dependency>
<dependency>
    <groupId>com.unboundid</groupId>
    <artifactId>unboundid-ldapsdk</artifactId>
</dependency>

Configure spring security and embedded LDAP

The next step is to configure the application with embedded LDAP.

We will also add required configurations to set up spring security to use the embedded LDAP for user authentication.

Setup embedded LDAP

Create a file with the name server.ldif under the location /src/main/resources/.

In the server.ldif file, we will add LDAP organization, group, and the user details as given below.

We have two users: the first with the username arun and the password 12345, and the second with the username sara and the password abcd.

dn: dc=asbnotebook,dc=com
objectclass: top
objectclass: domain
objectclass: extensibleObject
dc: asbnotebook

dn: ou=groups,dc=asbnotebook,dc=com
objectclass: top
objectclass: organizationalUnit
ou: groups

dn: uid=arun,ou=groups,dc=asbnotebook,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Arun
sn: Arun
uid: arun
userPassword: 12345

dn: uid=sara,ou=groups,dc=asbnotebook,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Sara
sn: Sara
uid: sara
userPassword: abcd

Also, add the below configuration properties to the application.properties file.

spring.ldap.embedded.ldif=classpath:server.ldif
spring.ldap.embedded.base-dn=dc=asbnotebook,dc=com
spring.ldap.embedded.port=33389

Configure the spring security

Create a spring security configuration class as shown below.

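We are configuring a UserDetailsService bean that uses the embedded LDAP server as the Spring Security context source.

We have also configured a password encoder bean, which Spring Security uses to check the submitted password. The encoder is NoOpPasswordEncoder, which compares passwords as plain text, because server.ldif stores the userPassword values unhashed.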

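import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.userdetails.LdapUserDetailsManager;

@Configuration
public class LdapSecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public UserDetailsService userDetailsService() {
        // Context source pointing at the embedded LDAP server and its base DN.
        var cs = new DefaultSpringSecurityContextSource("ldap://127.0.0.1:33389/dc=asbnotebook,dc=com");
        cs.afterPropertiesSet();
        var manager = new LdapUserDetailsManager(cs);
        // Users are looked up as uid=<username>,ou=groups under the base DN.
        manager.setUsernameMapper(new DefaultLdapUsernameToDnMapper("ou=groups", "uid"));
        manager.setGroupSearchBase("ou=groups");
        return manager;
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        // Deprecated encoder that performs no hashing; it matches the
        // plain-text userPassword values in server.ldif.
        return NoOpPasswordEncoder.getInstance();
    }
}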
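
As an added example (not code from the original article), the configuration below replaces LdapSecurityConfig with LDAP bind authentication, so the directory itself verifies the password and no NoOpPasswordEncoder bean is needed. The class name LdapBindSecurityConfig is hypothetical; the URL, ou=groups and uid are the values used in this article.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

// Added example, hypothetical class name. Use it in place of LdapSecurityConfig,
// not alongside it.
@Configuration
public class LdapBindSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.ldapAuthentication()
            // {0} is replaced with the submitted username. The pattern is
            // relative to the base DN given in the context source URL.
            .userDnPatterns("uid={0},ou=groups")
            .groupSearchBase("ou=groups")
            .contextSource()
                .url("ldap://127.0.0.1:33389/dc=asbnotebook,dc=com");
        // passwordCompare() is not configured, so the provider authenticates by
        // binding to LDAP as the user. The application never reads userPassword
        // and needs no PasswordEncoder.
    }
}
```

With this configuration the login and logout pages behave as described in the rest of the article, and the same two users from server.ldif can sign in.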

Create a secured resource

Finally, we can add a resource that Spring Security protects from public access.

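import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {

    // No HttpSecurity rules are defined, so Spring Security's defaults
    // require authentication for every request, including this one.
    @GetMapping("/")
    public String getMessage() {
        return "Hello!";
    }
}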

Testing the application

Run the spring boot application.

Open the URL http://localhost:8080/. The Spring Security login page opens, as shown below.

Use the user credentials that we configured earlier.

[Image: spring security ldap example]

After successful login, we get the below screen.

[Image: spring security ldap login]

Visit the URL http://localhost:8080/logout to log out the user. The application will ask for logout confirmation, as shown below.

[Image: spring security ldap logout]

Click on the Log Out button, and the page gets redirected to the login page.

Conclusion

In this article, we learned how to implement user authentication with spring and embedded LDAP.

We also learned how spring security provides login and logout pages out of the box.

Example code is available on GitHub.

Copyright © (2016 - 2023) - asbnotebook.com