How to do LDAP authentication and DataBase authorization in Spring Security

Question

Can I have a Spring Security project where I authenticate against LDAP and set authorities to the authenticated user against a Data Base?

Thanks!

Answer 1

I've achieved the solution for this, answer cames above:

<authentication-manager >
    <authentication-provider ref="ldapAuthProvider" />            
</authentication-manager>


<beans:bean id="contextSource"
    class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">        
<beans:constructor-arg value="ldap://IP:port/...."/>

</beans:bean>

<beans:bean id="ldapAuthProvider"
   class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
    <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
    <beans:constructor-arg ref="contextSource"/>
    <beans:property name="userSearch" ref="ldapUserSearch" />
    </beans:bean>
    </beans:constructor-arg>
    <beans:constructor-arg>
    <beans:bean
    class="prpa.athos.security.listener.MyLDAPAuthorities">
    </beans:bean>
    </beans:constructor-arg>
    </beans:bean>
    <beans:bean id="authenticationSuccessListener"   
    class="prpa.athos.security.listener.AuthenticationSuccessListener">
    </beans:bean>        
    <beans:bean id="ldapUserSearch"   
    class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
    <beans:constructor-arg index="0" value=""/>
    <beans:constructor-arg index="1" value="(uid={0})"/>
    <beans:constructor-arg index="2" ref="contextSource" />
    </beans:bean>

On the class MyLDAPAuthorities I implements the classe LdapAuthoritiesPopulator getting authorities form database.

Answer 2

Yes, you will need a LdapBindAuthenticator and a DAO-based AuthoritiesPopulator.