How can I get the user information using Spring Security with LDAP

Question

Im using Spring 3.1.1 with Spring Security 3.2.0 with LDAP authencitation. I have gotten it to a point that works fine and I can log in using my LDAP username and password, I can even display the username with this

<security:authentication property="principal.username" />, is currently logged in.

I want to know how, if at all possible, can I get the first name, surname, email address or other information like that stored in my LDAP credentials.

I've tried property="credentials" but this returns null...

PLEASE HELP!!

Answer 1

Implement your own UserDetailsContextMapper and load LDAP user properties into the UserDetails object

http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#ldap-custom-user-details

Answer 2

This is eerily similar to my question a few days ago:

How do I use a custom authorities populator with Spring Security and the ActiveDirectoryLdapAuthenticationProvider?

If you're not using Active Directory, you can simply extend the LdapAuthenticationProvider class and override the loadUserAuthorities method, in which you can capture the relevant user information based on the LDAP attributes for the user:

String firstName = userData.getStringAttribute("givenName");
String lastName = userData.getStringAttribute("sn");

//etc.

You can store these wherever or however you like, and you're only limited to the attributes available via LDAP. Then, you'd have to specify your LdapAuthoritiesProvider in the appropriate bean (ldapAuthoritiesPopulator, if memory serves).

I believe the above will work for non-AD LDAP, but you'll obviously need to test it to be sure. I recommend the LDAP browser for Eclipse provided by Apache Studios, if you're not already using it.