Spring Boot Application connect to LDAP Userstore

In this blog post we are going to connect a sample Spring Boot application to an LDAP-based userstore for authentication.
First create an LDAP server. I’ve created a sample server using Apache Directory Studio.

Then create a sample spring-boot application with the following dependencies.

<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>1.3.3.RELEASE</version>
    <relativePath/>
</parent>
<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-devtools</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-ldap</artifactId>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-server-jndi</artifactId>
        <version>1.5.5</version>
    </dependency>
</dependencies>

Then, in your sample application, extend the WebSecurityConfigurerAdapter class and override the two methods below. Provide the connection details for the LDAP server created above.

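import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class LdapSecurity extends WebSecurityConfigurerAdapter {

    // Require HTTP Basic authentication on every request.
    // CSRF protection is switched off in this sample.
    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.httpBasic()
            .and().authorizeRequests().anyRequest().authenticated()
            .and().csrf().disable();
    }

    // Authenticate against the LDAP server: connect with the manager account,
    // then look the user up under ou=users by cn ({0} is the submitted username).
    @Override
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.ldapAuthentication()
            .contextSource().url("ldap://localhost:10389/dc=example,dc=com")
            // Sample credentials of the local test server.
            .managerDn("uid=admin,ou=system").managerPassword("secret")
            .and()
            .userSearchBase("ou=users")
            .userSearchFilter("(cn={0})");
    }
}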


That’s it. Spring will now use HTTP Basic authentication for requests to the webapp.
Now start the app using mvn spring-boot:run or java -jar spring-boot-ldap-sample.jar. Access the webapp at http://localhost:8080/ and provide the credentials of a user in the LDAP user base. You’ll see the authenticated user’s details after a successful authentication.
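
If the login prompt keeps coming back, it helps to test the directory settings outside Spring. The following is an added example, not part of the sample project: a plain JNDI check that performs the search and bind steps with the same sample URL, manager DN, search base and filter as the configuration above. The class name LdapLoginCheck and the one-level search scope are assumptions of this example.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class LdapLoginCheck {
    // Same sample values as the configuration above.
    static final String URL = "ldap://localhost:10389/dc=example,dc=com";

    static DirContext bind(String dn, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env); // throws if the server rejects the bind
    }

    // Step 1: bind as the manager and look the user up with (cn={0}).
    static String findUserDn(String username) throws NamingException {
        DirContext manager = bind("uid=admin,ou=system", "secret");
        try {
            // JNDI escapes filter metacharacters in the {0} argument.
            NamingEnumeration<SearchResult> hits = manager.search(
                    "ou=users", "(cn={0})", new Object[] {username}, new SearchControls());
            return hits.hasMore() ? hits.next().getNameInNamespace() : null;
        } finally {
            manager.close();
        }
    }

    // Step 2: bind as the DN that was found, using the password from the login prompt.
    static boolean authenticate(String username, String password) throws NamingException {
        // An empty password turns a simple bind into an anonymous bind that many servers accept.
        if (password == null || password.isEmpty()) return false;
        String dn = findUserDn(username);
        if (dn == null) return false; // wrong search base, filter, or cn value
        try {
            bind(dn, password).close();
            return true;
        } catch (AuthenticationException e) {
            return false; // the DN exists but the password does not match
        }
    }
    public static void main(String[] args) throws NamingException {
        System.out.println("user DN: " + findUserDn(args[0]));
        System.out.println("bind ok: " + authenticate(args[0], args[1]));
    }
}
```

Run it as java LdapLoginCheck followed by the cn and password of a directory user. An exception from the manager bind points at the URL or manager credentials rather than at the user entry.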

Full source to the sample can be found here.

7 thoughts on “Spring Boot Application connect to LDAP Userstore”

  1. Hi Aruna
    I'm facing one issue. I created an LDAP server and added a user with a password. When I hit localhost:8080 the prompt for username/password comes, but when I enter it the same popup comes again, which means it's not getting authenticated. Can you share your views?

  2. Probably an issue when connecting to the LDAP. Can you verify those configurations are correct?

    .contextSource().url("ldap://localhost:10389/dc=example,dc=com")
    .managerDn("uid=admin,ou=system").managerPassword("secret")
    .and()
    .userSearchBase("ou=users")
    .userSearchFilter("(cn={0})");

  3. authenticationManagerBuilder.ldapAuthentication()
    .contextSource().url("ldap://localhost:10389/dc=example,dc=com")
    .managerDn("uid=admin,ou=system").managerPassword("secret")
    .and()
    .userSearchBase("ou=users")
    .userSearchFilter("(cn={0})")
