Facing issue in custom login using Grails, Spring Security, LDAP (AD) user
101 views
Skip to first unread message
Gaurav Kothawade
Jul 17, 2017, 10:39:31 AM7/17/17
to Grails Dev Discuss
Hi
I am able to logged in using LDAP user account credentials, but getting following error:
Here is my custom class please help.
thanks in advance.
package flint.forms
import flint.forms.ActiveDirectoryConfig
import flint.forms.Static
import flint.forms.Tenant
import flint.forms.User
import grails.gorm.multitenancy.Tenants
import org.apache.http.config.ConnectionConfig
import org.springframework.ldap.NamingException
import org.springframework.ldap.core.AttributesMapper
import org.springframework.ldap.core.DirContextOperations
import org.springframework.ldap.core.LdapTemplate
import org.springframework.ldap.core.support.LdapContextSource
import org.springframework.ldap.filter.AndFilter
import org.springframework.ldap.filter.EqualsFilter
import org.springframework.ldap.filter.Filter
import org.springframework.ldap.query.LdapQueryBuilder
import org.springframework.security.authentication.AuthenticationProvider
import org.springframework.security.authentication.BadCredentialsException
import org.springframework.security.authentication.InternalAuthenticationServiceException
import org.springframework.security.authentication.LockedException
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
import org.springframework.security.core.Authentication
import org.springframework.security.core.AuthenticationException
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.userdetails.UsernameNotFoundException
import org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
import org.springframework.security.ldap.authentication.BindAuthenticator
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider
import org.springframework.security.ldap.authentication.LdapAuthenticator
import org.springframework.security.ldap.authentication.NullLdapAuthoritiesPopulator
import org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator
import org.springframework.security.ldap.ppolicy.PasswordPolicyException
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator
import flint.forms.MyUserDetailsContextMapper
import org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator
import org.xml.sax.Attributes
import static grails.gorm.multitenancy.Tenants.withId
class CustomLdapAuthProvider extends AbstractLdapAuthenticationProvider{
static LdapContextSource ldapContextSource1
static def groupSearchBase
@java.lang.Override
protected DirContextOperations doAuthentication(UsernamePasswordAuthenticationToken auth) {
List<ActiveDirectoryConfig> activeDirectoryConfigList = getAllActiveDirectories()
System.out.println("------------"+activeDirectoryConfigList)
def userData
for(ActiveDirectoryConfig activeDirectory in activeDirectoryConfigList) {
System.out.println("-------------------------------------" + activeDirectory.port)
String url = "ldap://"+activeDirectory.server+":"+activeDirectory.port
ldapContextSource1 = new LdapContextSource();
ldapContextSource1.setUrl(url);
ldapContextSource1.setUserDn(activeDirectory.managerDn);
ldapContextSource1.setPassword(activeDirectory.managerPassword);
/*DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator =
new DefaultLdapAuthoritiesPopulator(ldapContextSource, activeDirectory.groupSearchBase);*/
BindAuthenticator authenticator = new BindAuthenticator(ldapContextSource1);
authenticator.setUserSearch(new FilterBasedLdapUserSearch(activeDirectory.searchBase,activeDirectory.searchFilter,ldapContextSource1))
// LdapAuthenticationProvider provider = new LdapAuthenticationProvider(authenticator,defaultLdapAuthoritiesPopulator)
try {
ldapContextSource1.afterPropertiesSet();
userData = authenticator.authenticate(auth);
groupSearchBase = activeDirectory.groupSearchBase
System.out.println("-------------------------------------" + userData)
return userData
} catch (BadCredentialsException e) {
logger.debug("auth failed : BadCredentialsException(" + auth.principal + ")");
throw e;
} catch (Exception e) {
logger.error("auth failed for unexpected exception: " + e.getMessage());
return null;
}
}
}
@java.lang.Override
protected java.util.Collection<? extends GrantedAuthority> loadUserAuthorities(DirContextOperations userData, java.lang.String username, java.lang.String password) {
System.out.println("-========================"+userData.attributes+"username"+username+"passwod"+password)
List<GrantedAuthority> userPermission = new ArrayList<>();
userPermission = new DefaultLdapAuthoritiesPopulator(ldapContextSource1,groupSearchBase).getGrantedAuthorities(userData,username)
def myNewUser = new flint.forms.MyUserDetailsContextMapper().mapUserFromContext(userData,username,userPermission);
System.out.println(userPermission)
return userPermission
}
def getAllActiveDirectories(){
List<ActiveDirectoryConfig> activeDirectoryConfigList
//Find current tenant
String currentTenantId = Tenants.currentId()
//Find current tenant details
Tenant tenant = withId(Static.FIELDS.PRIMARY_SCHEMA) { Tenant.findByDomain(currentTenantId) }
System.out.println("------------"+tenant.id)
//Find all Active directory config of current tenant
withId(currentTenantId) {
activeDirectoryConfigList = ActiveDirectoryConfig.findAllByTenantId(tenant.id)
}
return activeDirectoryConfigList
}
}
Reply all
Reply to author
Forward
0 new messages