LDAP as data source for authorization

This continues the Wizard to create an Authorization Configuration Provider

  1. Enter the URL of your LDAP server at Provider URL.

  2. Enter the appropriate parameters for your LDAP server in Optional Settings.

  3. Click Finish.

    Image not found

Options:

  • Optional Settings

    • Search Base - Defines where in the directory the LDAP search starts.

      • CN - commonName.

      • L - localityName.

      • ST - stateOrProvinceName.

      • O - organizationName.

      • OU - organizationalUnitName.

      • C - countryName.

      • STREET - streetAddress.

      • DC - domainComponent.

      • UID - userid.

  • Suffix - Root, topmost data object of an LDAP data structure.

  • Security Protocol - Optional security protocol (e.g. SASL, SSL).

  • Security Authentication - Standard Security Protocol (none/simple/SASL)

  • Test Connection - Own access data. Only necessary to test the connection.

Result:

Project Management > Business Objects - A AuthorizationConfigurationProvider class is generated.

Example:

package com.company.example.business;

import com.xdev.security.authentication.CredentialsUsernamePassword;
import com.xdev.security.authentication.ldap.LDAPConfiguration;
import com.xdev.security.authentication.ldap.LDAPConfiguration.LDAPConfigurationBuilder;
import com.xdev.security.authorization.AuthorizationConfiguration;
import com.xdev.security.authorization.AuthorizationConfigurationProvider;
import com.xdev.security.authorization.ldap.LDAPAuthorizationConfigurationProvider;

public class ExampleAuthorizationConfigurationProvider implements AuthorizationConfigurationProvider {
    public static ExampleAuthorizationConfigurationProvider New(CredentialsUsernamePassword credentials) {
        return new ExampleAuthorizationConfigurationProvider(credentials);
    }

    private final CredentialsUsernamePassword credentials;
    private AuthorizationConfiguration authorizationConfiguration;

    private ExampleAuthorizationConfigurationProvider(CredentialsUsernamePassword credentials) {
        this.credentials = credentials;
    }

    @Override
    public AuthorizationConfiguration provideConfiguration() {
        if (this.authorizationConfiguration == null) {
            LDAPConfiguration ldapConfiguration = new LDAPConfigurationBuilder(
                    "ldap://192.168.86.8:389/dc=xdevsoftware,dc=local").searchBase("OU=SBSUsers,OU=Users,OU=MyBusiness")
                            .suffix("@XDEVSOFTWARE.LOCAL").securityAuthentication("simple").build();

            this.authorizationConfiguration = new LDAPAuthorizationConfigurationProvider(ldapConfiguration,
                    this.credentials).provideConfiguration();
        }

        return this.authorizationConfiguration;
    }
}