82626

Spring security - specific users

Question:

I am using ldap for authentication of requests.

I have configured by extending WebSecurityConfigurerAdapter and overriding configure(HttpSecurity) and configure(AuthenticationManagerBuilder) methods.

The credentials will be verified using ldap and on top of that, I need to maintain a static list that contains specific usernames to be allowed to access.

Can anyone help with the usernames validation part - do I need to write an extension of AuthenticationProvider to validate credentials and check for username? Just by configurations, I am able to take care of credentials verification.

Answer1:

<blockquote>

do I need to write an extension of AuthenticationProvider to validate credentials and check for username

</blockquote>

Yes. You need to have two different authentication provider. One to validate LDAP user's credential and other for static user list.

So, your <em>configure</em> method looks similar like below,

@Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(LDAPProvider); auth.authenticationProvider(StaticUserProvider); }

Here, an order is important because, user's credentials would validate according to above mentioned provider order.i.e first with <em>LDAPProvider</em> then with <em>StaticUserProvider</em>.

Recommend

  • GQL query help - How can I write a query with where clause in GQL ? I am using google appengine data
  • secure iPhone to server communication so that only my app can post data?
  • Query a table in different ways or orderings in Cassandra
  • Can I change font size based on the number of letters? [duplicate]
  • Spring MVC redirect with custom http headers
  • Crafting a LINQ based solution to determine if a set of predicates are satisfied for a pair of colle
  • Read a file in “chunks” using PHP
  • Creating an Order Column for encrypted data
  • VB.NET 2012 Property Set on Property Get
  • Leaflet z-index
  • auth.provider is not set to 'password' when user signs-in with email and password
  • How to know which Linq statement produced the SQL on hand during runtime?
  • How can I extend PHP DOMElement?
  • Easiest way to get current unix timestamp via XSL
  • How to get current document uri in XSLT?
  • Functions in global context
  • Change multiple background-images with jQuery
  • Algorithm for a smudge tool?
  • Email format validation in mvc3 view
  • C# - Is there a limit to the size of an httpWebRequest stream?
  • What is Eclipse's Declaration View used for?
  • Can Jackson SerializationFeature be overridden per field or class?
  • How to add date and time under each post in guestbook in google app engine
  • sending/ receiving email in Java
  • Jquery - Jquery Wysiwyg return html as a string
  • SVN: Merging two branches together
  • Matrix multiplication with MKL
  • How to delete a row from a dynamic generate table using jquery?
  • Android Studio and gradle
  • Proper way to use connect-multiparty with express.js?
  • CSS Applying specific rule for a specific monitor resolution with only CSS is posible?
  • What are the advantages and disadvantages of reading an entire file into a single String as opposed
  • coudnt use logback because of log4j
  • Turn off referential integrity in Derby? is it possible?
  • Add sale price programmatically to product variations
  • Append folder name and increment by 1 using batch script
  • Checking variable from a different class in C#
  • Unable to use reactive element in my shiny app
  • Converting MP3 duration time
  • How do I use LINQ to get all the Items that have a particular SubItem?