Spring Security LDAP Authentication Tutorial

Here we will learn how to provide authentication, authorization and security related stuff with the help of LDAP Server. Active directory is an LDAP implementation by Microsoft for Windows. Current tutorial will use AD as LDAP server.

Technology Used

  1. Spring Security 3.1 (Requires Java1.5 and Spring 3.0.6)
  2. Spring 3.0.6
  3. Java 1.6

Configuring LDAP Authentication Provider

<authentication-manager>
   <authentication-provider ref="ldapActiveDirectoryAuthProvider"/>
</authentication-manager>

<bean id="ldapActiveDirectoryAuthProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">

<!--Domain Name-->
<constructor-arg value="abc.com" />
<!--LDAP URL-->
<constructor-arg value="ldap://abc.com:339/" />
</bean>

This is it. You don’t need to provide any other configuration.
Note here we have provided port no as 339. Which is the port for ldap. But if you want to use ldaps then port no would be 636.
If you are using ldaps you might face error like

javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Reason for above error is that Certificate returned during SSL handshake is not signed by any authority in simple word there is no Certificate configured in your JRE keystore.
To resolve this error you need to add returned certificate from LDAP server in your JRE keystore either in cacerts or jssecacerts. These two files are inside “C:Program FilesJavajdk1.6.0jrelibsecurity” folder. You can use “InstallCert.java” open source program for this purpose. It will add the certificate in keystore.

By | 2017-11-18T13:46:27+00:00 April 18th, 2012|Spring Security|1 Comment

About the Author:

One Comment

  1. David Pham August 12, 2016 at 1:30 am - Reply

    Great post. I really love it

Leave A Comment