jomu/shared
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases 7 Activity

added ldap support

Browse Source
This commit is contained in:
Joern Muehlencord
2018-11-19 17:48:34 +01:00
parent ed0892b1dc
commit c822b30ca0
3 changed files with 83 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
account-ui/src/main/filters/development.properties
View File

@ -1 +1,7 @@
jsf.projectStage=Development jsf.projectStage=Development
shiro.contextFactory = # not defined
shiro.passwordMatcher= passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher${line.separator}passwordMatcher.passwordService = $passwordService
shiro.ldapRealm = # not defined
shiro.authcStrategy = org.apache.shiro.authc.pam.AllSuccessfulStrategy
shiro.realms = $jdbcRealm

15
account-ui/src/main/filters/production.properties
View File

@ -1 +1,16 @@
jsf.projectStage=Production jsf.projectStage=Production
ldap.url = ldaps://your.domain.com
ldap.user = user
ldap.password = secret
ldap.suffix = @your.domain.com
ldap.fallbackSuffix = @your.domain2
ldap.searchBase = dc=com,dc=domain,dc.your
ldap.searchFilter = (&(objectClass=*)(mail={0}))
## NO CHANGES BEHIND THIS LINE REQUIRED
shiro.contextFactory = contextFactory = org.apache.shiro.realm.ldap.JndiLdapContextFactory${line.separator}contextFactory.url = ${ldap.url}${line.separator}contextFactory.systemUsername = ${ldap.user}${line.separator}contextFactory.systemPassword = ${ldap.password}${line.separator}contextFactory.environment[java.naming.security.protocol] = ssl
shiro.passwordMatcher= passwordMatcher=org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
shiro.ldapRealm = ldapRealm = de.muehlencord.shared.account.util.UserNameActiveDirectoryRealm${line.separator}ldapRealm.principalSuffix = ${ldap.suffix}${line.separator}ldapRealm.fallbackPrincipalSuffix = ${ldap.fallbackSuffix}${line.separator}ldapRealm.ldapContextFactory = $contextFactory${line.separator}ldapRealm.searchBase = ${ldap.searchBase}${line.separator}ldapRealm.searchFilter = ${ldap.searchFilter}${line.separator}ldapRealm.permissionsLookupEnabled=false
shiro.authcStrategy = org.apache.shiro.authc.pam.AllSuccessfulStrategy
shiro.realms=$jdbcRealm,$ldapRealm

14
account-ui/src/main/webapp/WEB-INF/shiro.ini
View File

@ -1,4 +1,8 @@
[main] [main]
# Context factory required for LDAP
${shiro.contextFactory}
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager securityManager.cacheManager = $cacheManager
@ -18,8 +22,10 @@ passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
passwordService.hashService = $hashService passwordService.hashService = $hashService
# Required password matcher # Required password matcher
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher ${shiro.passwordMatcher}
passwordMatcher.passwordService = $passwordService
# LDAP Realm setup
${shiro.ldapRealm}
# JDBC Realm setup # JDBC Realm setup
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
@ -31,8 +37,8 @@ jdbcRealm.credentialsMatcher = $passwordMatcher
jdbcRealm.dataSource = $datasource jdbcRealm.dataSource = $datasource
# Activate realms # Activate realms
authcStrategy = org.apache.shiro.authc.pam.AllSuccessfulStrategy authcStrategy = ${shiro.authcStrategy}
securityManager.realms = $jdbcRealm securityManager.realms = ${shiro.realms}
securityManager.authenticator.authenticationStrategy = $authcStrategy securityManager.authenticator.authenticationStrategy = $authcStrategy
# Setup authentication filter # Setup authentication filter