Sample for pac4j-ldap?


Jonathan Labin

Jan 25, 2016, 8:00:23 PM
to pac4j-users
I'm using buji-pac4j to integrate Shiro into my web app that authenticates via a CAS server.
I'd like to have an alternate shiro.ini file in my pocket that authenticates directly to the LDAP server in case of trouble with the CAS server.

Is there a sample shiro.ini file which uses LdapAuthenticator that I could view?
It would really help.

I've seen in the docs where I need to configure an HTTP client with LdapAuthenticator but I'm having trouble finding docs that describe how to initialize these objects.  I'm mostly guessing by trying to replace the settings I had working for CAS with what I see in the source.

I'm configuring in my shiro.ini file and have something along the lines of:

[main]
subjectFactory = io.buji.pac4j.ClientSubjectFactory
securityManager.subjectFactory = $subjectFactory 

ldapAuth = org.pac4j.ldap.credentials.authenticator.LdapAuthenticator
ldapAuth.ldapAuthenticator = some kind of ldaptive Authenticator?
ldapAuth.attributes = some attributes?
ldapClient = org.pac4j.http.client.indirect.IndirectBasicAuthClient
ldapClient.authenticator = $ldapAuth

clients = org.pac4j.core.client.Clients
clients.callbackUrl = https://localhost:8181/myapp/callback
clients.clientsList = $ldapClient

clientsRealm = io.buji.pac4j.ClientRealm
clientsRealm.defaultRoles = ROLE_USER
clientsRealm.clients = $clients

clientsFilter = io.buji.pac4j.ClientFilter
clientsFilter.clients = $clients
clientsFilter.failureUrl = /error.jsp 
 
ldapRoles = io.buji.pac4j.filter.ClientRolesAuthorizationFilter
ldapRoles.client = $ldapClient 

[urls]
/protected/** = ldapRoles[ROLE_USER]
/callback = clientsFilter
/logout = logout
/** = anon

But clearly ldapAuth.Authenticator and ldapAuth.attributes require values.

Jérôme LELEU

Jan 26, 2016, 2:14:16 AM
to Jonathan Labin, pac4j-users
Hi,

pac4j (like CAS) relies on Ldaptive for LDAP support. You can take a look at this sample: https://github.com/pac4j/pac4j/blob/master/pac4j-ldap/src/test/java/org/pac4j/ldap/test/tools/AuthenticatorGenerator.java#L33 or read the CAS documentation for LDAP: http://jasig.github.io/cas/4.1.x/installation/LDAP-Authentication.html or directly check out the ldaptive website: http://www.ldaptive.org/

Thanks.
Best regards,
Jérôme
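
One way to fill in the two open values from the question in shiro.ini, wiring the same kind of ldaptive objects that the linked AuthenticatorGenerator sample builds in Java. This is an added example, not part of the thread or of the pac4j documentation; it assumes ldaptive 1.x class names and setters, and the host, DN pattern and attribute list are constructed placeholders.

```ini
[main]
# Added example. Assumes ldaptive 1.x; host, port and DN layout are placeholders.

# Map the login name straight to a DN, so no search is needed and no
# service-account password has to be stored in shiro.ini.
dnResolver = org.ldaptive.auth.FormatDnResolver
dnResolver.format = uid=%s,ou=people,dc=example,dc=org

# Use ldaps:// so the bind password is never sent in clear text.
connectionConfig = org.ldaptive.ConnectionConfig
connectionConfig.ldapUrl = ldaps://ldap.example.org:636

connectionFactory = org.ldaptive.DefaultConnectionFactory
connectionFactory.connectionConfig = $connectionConfig

# Verify the password by binding to the directory as the resolved DN.
bindHandler = org.ldaptive.auth.BindAuthenticationHandler
bindHandler.connectionFactory = $connectionFactory

ldaptiveAuth = org.ldaptive.auth.Authenticator
ldaptiveAuth.dnResolver = $dnResolver
ldaptiveAuth.authenticationHandler = $bindHandler

# The two values the question leaves open.
ldapAuth = org.pac4j.ldap.credentials.authenticator.LdapAuthenticator
ldapAuth.ldapAuthenticator = $ldaptiveAuth
# Assumed to be a comma-separated list of LDAP attributes copied into the profile.
ldapAuth.attributes = cn,mail

ldapClient = org.pac4j.http.client.indirect.IndirectBasicAuthClient
ldapClient.authenticator = $ldapAuth
```

The remaining `clients`, `clientsRealm`, `clientsFilter` and `[urls]` entries from the question stay as posted.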



Misagh Moayyed

Jan 26, 2016, 3:18:36 AM
to pac4j-users

Also, note that CAS 4.2 has built-in support for Apache Shiro:

https://jasig.github.io/cas/4.2.x/installation/Shiro-Authentication.html
