Reputation: 21
I would like to use 2 different LDAP configurations in my application. My file is an application.yml:
management:
    context-path: /management
    health:
        mail:
            enabled: false # When using the MailService, configure an SMTP server and set this to true
spring:
    application:
        name: matrice2
    profiles:
        # The commented value for `active` can be replaced with valid spring profiles to load.
        # Otherwise, it will be filled in by maven when building the WAR file
        # Either way, it can be overridden by `--spring.profiles.active` value passed in the commandline or `-Dspring.profiles.active` set in `JAVA_OPTS`
        active: #spring.profiles.active#
    jpa:
        open-in-view: false
        hibernate:
            ddl-auto: none
            naming-strategy: org.springframework.boot.orm.jpa.hibernate.SpringNamingStrategy
    messages:
        basename: i18n/messages
    mvc:
        favicon:
            enabled: false
    thymeleaf:
        mode: XHTML
security:
    basic:
        enabled: false
jhipster:
    async:
        corePoolSize: 2
        maxPoolSize: 50
        queueCapacity: 10000
    mail:
        from: matrice2@localhost
    swagger:
        title: matrice2 API
        description: matrice2 API documentation
        version: 0.0.1
        termsOfServiceUrl:
        contactName:
        contactUrl:
        contactEmail:
        license:
        licenseUrl:
ldap:
    url: ldap://ldap.east.app.company.com:389
    base: DC=west,DC=app,DC=company,DC=com
    manager:
        dn: CN=toto,OU=CDS,OU=Company_Commun,DC=west,DC=app,DC=company,DC=com
        password: toto
    grpAdmin : GRP_PROJECT_ADMIN
    grpUser : GRP_PROJECT_ADMIN
ldap:
    url: ldap://ba-dc1.app.company.com:389
    base: DC=app,DC=company,DC=com
    manager:
        dn: CN=ad_c_s,OU=C_d_S,DC=app,DC=company,DC=com
        password: toto!service
    grpAdmin : GRP_PROJECT_ADMIN
    grpUser : GRP_PROJECT_ADMIN
And I get this error:
Exception in thread "restartedMain" java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
Caused by: while parsing MappingNode
 in 'reader', line 14, column 1:
    management:
Duplicate key : ldap in 'reader', line 97, column 1.
Is there a way to have multiple LDAP configurations? Does anyone have an idea?
Thanks
Upvotes: 2
Views: 6487
Reputation: 2555
We had a similar problem. You'll have to roll your own WebSecurityConfig to make it work, as well as your own @ConfigurationProperties. The approach is not ideal because it needs a code change if you change the number of LDAP servers you want to authenticate against, but that shouldn't be a big problem. Since for our systems the credentials are the same, we only have one set of LDAP settings; maybe you'll have to tweak this. But this should give you a hint.
application.yaml
ldap:
    # Keys must match the field names in SecurityConfigProperties to be bound
    amLdapUrl: ldaps://us-server
    emeaLdapUrl: ldaps://eu-server
    bindCn: CN=blah,OU=blah,DC=blah,DC=local
    bindPass: my-secret-password
SecurityConfigProperties
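import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;

// Binds the ldap.* keys from application.yaml; Lombok's @Data generates the getters and setters.
@Data
@ConfigurationProperties(prefix = "ldap")
public class SecurityConfigProperties {
    private String emeaLdapUrl;
    private String amLdapUrl;
    private int ldapPort;
    private String bindCn;
    private String bindPass;
}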
SecurityConfig
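import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
// Registers SecurityConfigProperties as a bean so it can be injected below
@EnableConfigurationProperties(SecurityConfigProperties.class)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    // Don't hit me for this Oli!
    @Autowired
    private SecurityConfigProperties conf;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder authBuilder) throws Exception {
        authBuilder
            // First LDAP provider: AM directory
            .ldapAuthentication()
                .userSearchFilter("(sAMAccountName={0})")
                .userSearchBase("dc=am,dc=blah,dc=local")
                .groupSearchBase("ou=groups,dc=am,dc=blah,dc=local")
                .groupSearchFilter("member={0}")
                .contextSource()
                    .url(conf.getAmLdapUrl())
                    .managerDn(conf.getBindCn())
                    .managerPassword(conf.getBindPass())
                .and()
            .and()
            // Second LDAP provider: EMEA directory
            .ldapAuthentication()
                .userSearchFilter("(sAMAccountName={0})")
                .userSearchBase("dc=emea,dc=blah,dc=local")
                .groupSearchBase("ou=groups,dc=emea,dc=blah,dc=local")
                .groupSearchFilter("member={0}")
                .contextSource()
                    .url(conf.getEmeaLdapUrl())
                    .managerDn(conf.getBindCn())
                    .managerPassword(conf.getBindPass())
        ;
    }
}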
Hope that helps!
Upvotes: 1
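The same idea generalized to a YAML list, so that adding a directory needs no code change and the duplicate `ldap` key never arises; this is an added example, not code from either post. It assumes Spring Boot with spring-security-ldap and Lombok (as in the answer), and the `ldap.servers` layout, class names and environment variable names are hypothetical.

```java
// Added example, not code from the posts above; names and YAML layout are hypothetical.
// ldap:
//   servers:
//     - url: ldaps://ldap-west.example.com:636
//       userBase: DC=west,DC=example,DC=com
//       groupBase: OU=groups,DC=west,DC=example,DC=com
//       managerDn: CN=svc-bind,DC=west,DC=example,DC=com
//       managerPassword: ${LDAP_WEST_BIND_PASSWORD}   # resolved from the environment
//     - url: ldaps://ldap-app.example.com:636          # second directory, same five keys
import java.util.ArrayList;
import java.util.List;
import lombok.Data;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableConfigurationProperties(MultiLdapSecurityConfig.LdapServers.class)
public class MultiLdapSecurityConfig extends WebSecurityConfigurerAdapter {
    @Data
    @ConfigurationProperties(prefix = "ldap")
    public static class LdapServers {
        private List<Server> servers = new ArrayList<>();  // one entry per YAML list item
    }
    @Data
    public static class Server {
        private String url, userBase, groupBase, managerDn, managerPassword;
    }
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth, LdapServers conf) throws Exception {
        for (Server s : conf.getServers()) {
            // Refuse ldap:// URLs so bind passwords never cross the network in cleartext.
            if (s.getUrl() == null || !s.getUrl().startsWith("ldaps://")) {
                throw new IllegalStateException("ldap.servers entries must use ldaps://: " + s.getUrl());
            }
            auth.ldapAuthentication()   // each call registers one more LDAP provider
                .userSearchFilter("(sAMAccountName={0})")
                .userSearchBase(s.getUserBase())
                .groupSearchBase(s.getGroupBase())
                .groupSearchFilter("member={0}")
                .contextSource().url(s.getUrl())
                    .managerDn(s.getManagerDn())
                    .managerPassword(s.getManagerPassword());
        }
    }
}
```

Providers are tried in list order, and the application fails at startup rather than silently binding over an unencrypted connection if an entry is misconfigured.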