LdapAuthenticator questions


Min Zhou

Mar 5, 2014, 12:56:10 PM
to spray...@googlegroups.com
Hi all,


I am a newbie to Scala and spray. Currently, I am using spray.io to implement LDAP-based authentication. I don't know how to use the LdapAuthenticator, especially how to configure a LdapAuthConfig and pass it to the LdapAuthenticator. Can anyone show me an example?



Thanks,
Min

Mathias Doenitz

Mar 10, 2014, 10:33:01 AM
to spray...@googlegroups.com
Min,

sorry for not getting back to you earlier!

> I am a newbie to Scala and spray. Currently, I am using spray.io to implement LDAP-based authentication. I don't know how to use the LdapAuthenticator, especially how to configure a LdapAuthConfig and pass it to the LdapAuthenticator. Can anyone show me an example?

If you show us what you already have or what exactly you have trouble with, it would be a bit easier for us to give advice…

Cheers,
Mathias

---
mat...@spray.io
http://spray.io

path storm

Mar 14, 2015, 2:56:29 PM
to spray...@googlegroups.com
Hello Mathias,

I am new to Scala and spray.io. I am trying to implement a custom LDAP authenticator. Please let me know if the implementation below is correct. Thank you in advance.

ASUser.scala
------------

package com.as.utils

case class ASUser(username: String, password: String, role: String)

class AuthInfo(val user: ASUser) {
  def hasPermission(permission: String) = {
    true // For the time being, authorization is not handled.
  }
}



ASLdapAuthenticator.scala
-------------------------
package com.as.utils

import javax.naming.directory.SearchControls

import spray.routing.authentication._
import spray.routing.directives.AuthMagnet

import scala.concurrent.duration.Duration
import scala.concurrent.{Await, ExecutionContext, Future}

object LDAP {

  val asLdapAuthConfig = new LdapAuthConfig[ASUser] {
    def contextEnv(user: String, pass: String): Seq[(String, String)] = {
      Seq {
        javax.naming.Context.PROVIDER_URL -> "ldap://localhost:10389"
      }
    }

    // Immutable: the shared config object should not expose a setter for the bind credentials.
    val searchCredentials = "uid=admin,ou=system" -> "secret"

    def searchBase(user: String) = {
      "ou=people, o=pathstorm"
    }

    def searchFilter(user: String): String = {
      "(uid=%s)" format user
    }

    def configureSearchControls(searchControls: SearchControls, user: String) = {
      searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE)
      searchControls.setReturningAttributes(Array("givenName", "cn"))
    }

    def createUserObject(queryResult: LdapQueryResult): Option[ASUser] = {
       Some(new ASUser(queryResult.name, queryResult.fullName, ""))
    }
  }
}

trait ASLdapAuthenticator {

  def asLdapAuthenticator(implicit ec: ExecutionContext): AuthMagnet[AuthInfo] = {
    import com.as.utils.LDAP.asLdapAuthConfig

    // LdapAuthenticator already returns a Future, so map its result to AuthInfo
    // directly instead of blocking a thread with Await.result(..., Duration.Inf).
    def authenticator(userPass: Option[UserPass]): Future[Option[AuthInfo]] =
      LdapAuthenticator(asLdapAuthConfig).apply(userPass).map(_.map(new AuthInfo(_)))

    BasicAuth(authenticator _, realm = "AS Private")
  }
}



ASService.scala
---------------

get {
  authenticate(asLdapAuthenticator) { authInfo =>
    ...
  }
}



Thank you,
pathstorm
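
Added example (not from the original post or from spray): the searchFilter in the code above formats the supplied user name straight into the filter string, so characters such as `*`, `(` and `)` would be read as filter syntax; escaping them per RFC 4515 keeps the value literal. `LdapFilterEscape`, `escapeValue` and `unescapedFilter` are hypothetical names, and the sample inputs are constructed.

```scala
// Added example: RFC 4515 escaping for the value substituted into the
// "(uid=%s)" filter used by searchFilter in the post above.
object LdapFilterEscape {

  // Characters that RFC 4515 requires to be written as \XX (hex) inside a
  // filter assertion value.
  private val special: Map[Char, String] = Map(
    '\\'     -> "\\5c",
    '*'      -> "\\2a",
    '('      -> "\\28",
    ')'      -> "\\29",
    '\u0000' -> "\\00"
  )

  /** Escape one assertion value so the directory matches it literally. */
  def escapeValue(value: String): String =
    value.map(c => special.getOrElse(c, c.toString)).mkString

  /** Hardened form of the post's searchFilter. */
  def searchFilter(user: String): String =
    "(uid=%s)" format escapeValue(user)

  /** The post's original form, kept only for side-by-side comparison. */
  def unescapedFilter(user: String): String =
    "(uid=%s)" format user

  def main(args: Array[String]): Unit = {
    // Constructed sample inputs: an ordinary name, a bare wildcard, a value
    // containing filter syntax, and a value containing a backslash.
    val samples = Seq("jdoe", "*", "jdoe)(cn=*", "a\\b")
    for (u <- samples) {
      println(s"input     : $u")
      println(s"unescaped : ${unescapedFilter(u)}")
      println(s"escaped   : ${searchFilter(u)}")
      println()
    }
  }
}
```

Using `LdapFilterEscape.escapeValue(user)` inside the config's searchFilter is enough; the other LdapAuthConfig members do not need to change.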

Mathias Doenitz

Mar 16, 2015, 5:18:19 AM
to spray...@googlegroups.com
> I am new to Scala and spray.io. I am trying to implement a custom LDAP authenticator. Please let me know if the implementation below is correct. Thank you in advance.

Does it work as expected?

Cheers,
Mathias

---
mat...@spray.io
http://spray.io


path storm

Mar 16, 2015, 5:49:46 AM
to spray...@googlegroups.com
Thank you Mathias,

I just used Apache ab as below
ab -k -n 2 -c 1 -v 1 -A actualusername:actualpassword http://127.0.0.1:8080/ldapaccess

It gets the result as expected.

And when I gave wrong username/password, it gave me the following error

HTTP/1.1 401 Unauthorized
Server: spray-can/1.3.2
Date: Mon, 16 Mar 2015 09:40:09 GMT
WWW-Authenticate: Basic realm="AS Private"
Content-Type: text/plain; charset=UTF-8
Connection: Keep-Alive
Content-Length: 38

So I assumed it was working, please correct me if something is wrong.

Also, I am sure the performance of this call will go for a toss since every such request is validating against LDAP. Any suggestions to improve?

Thank you,
pathstorm