From c5eb1c570a7d9708d51c1420be5d9314cbd6cf94 Mon Sep 17 00:00:00 2001
From: DOHA <dohae243@gmail.com>
Date: Mon, 28 Dec 2015 12:04:08 +0200
Subject: [PATCH] modify ldap configuration

---
 spring-security-mvc-ldap/pom.xml              | 19 +---------
 .../org/baeldung/SampleLDAPApplication.java   |  4 +--
 .../org/baeldung/security/SecurityConfig.java | 13 +++----
 .../src/main/resources/templates/login.html   |  2 +-
 .../src/main/resources/webSecurityConfig.xml  | 36 +++++++++++++++++++
 5 files changed, 44 insertions(+), 30 deletions(-)
 create mode 100644 spring-security-mvc-ldap/src/main/resources/webSecurityConfig.xml

diff --git a/spring-security-mvc-ldap/pom.xml b/spring-security-mvc-ldap/pom.xml
index 00165bd740..5282f76a7e 100644
--- a/spring-security-mvc-ldap/pom.xml
+++ b/spring-security-mvc-ldap/pom.xml
@@ -35,29 +35,13 @@
             <artifactId>spring-security-ldap</artifactId>
         </dependency>
 
-        <dependency>
-            <groupId>org.springframework.ldap</groupId>
-            <artifactId>spring-ldap-core</artifactId>
-            <version>2.0.3.RELEASE</version>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.ldap</groupId>
-            <artifactId>spring-ldap-core-tiger</artifactId>
-            <version>2.0.3.RELEASE</version>
-        </dependency>
-
         <dependency>
             <!-- Is the ApacheDS server - 1.5.6 and 1.5.7 don't work -->
             <groupId>org.apache.directory.server</groupId>
             <artifactId>apacheds-server-jndi</artifactId>
             <version>1.5.5</version>
         </dependency>
-        <dependency>
-            <groupId>org.apache.mina</groupId>
-            <artifactId>mina-core</artifactId>
-            <version>2.0.9</version>
-        </dependency>
-
+        
     </dependencies>
 
     <build>
@@ -74,7 +58,6 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>${maven-compiler-plugin.version}</version>
                 <configuration>
                     <source>1.8</source>
                     <target>1.8</target>
diff --git a/spring-security-mvc-ldap/src/main/java/org/baeldung/SampleLDAPApplication.java b/spring-security-mvc-ldap/src/main/java/org/baeldung/SampleLDAPApplication.java
index 454e52d1d5..4bcb255046 100644
--- a/spring-security-mvc-ldap/src/main/java/org/baeldung/SampleLDAPApplication.java
+++ b/spring-security-mvc-ldap/src/main/java/org/baeldung/SampleLDAPApplication.java
@@ -3,16 +3,14 @@ package org.baeldung;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.context.annotation.ComponentScan;
-import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
 
 /**
  * Main Application Class - uses Spring Boot. Just run this as a normal Java
  * class to run up a Jetty Server (on http://localhost:8080)
- * 
+ *
  */
-@EnableScheduling
 @EnableAutoConfiguration
 @ComponentScan("org.baeldung")
 public class SampleLDAPApplication extends WebMvcConfigurerAdapter {
diff --git a/spring-security-mvc-ldap/src/main/java/org/baeldung/security/SecurityConfig.java b/spring-security-mvc-ldap/src/main/java/org/baeldung/security/SecurityConfig.java
index c9bb5b74ae..ee72ee7891 100644
--- a/spring-security-mvc-ldap/src/main/java/org/baeldung/security/SecurityConfig.java
+++ b/spring-security-mvc-ldap/src/main/java/org/baeldung/security/SecurityConfig.java
@@ -1,29 +1,26 @@
 package org.baeldung.security;
 
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.stereotype.Controller;
 
 /**
  * Security Configuration - LDAP and HTTP Authorizations.
  */
-@EnableAutoConfiguration
-@ComponentScan
-@Controller
+@Configuration
+// @ImportResource({ "classpath:webSecurityConfig.xml" })
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.ldapAuthentication().userSearchBase("ou=people").userSearchFilter("(uid={0})").groupSearchBase("ou=groups").groupSearchFilter("member={0}").contextSource().root("dc=baeldung,dc=com").ldif("classpath:users.ldif");
+        auth.ldapAuthentication().userSearchBase("ou=people").userSearchFilter("(uid={0})").groupSearchBase("ou=groups").groupSearchFilter("(member={0})").contextSource().root("dc=baeldung,dc=com").ldif("classpath:users.ldif");
     }
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests().antMatchers("/", "/home").permitAll().anyRequest().authenticated();
-        http.formLogin().loginPage("/login").permitAll().and().logout().logoutSuccessUrl("/");
+        http.formLogin().loginPage("/login").permitAll().loginProcessingUrl("/j_spring_security_check").and().logout().logoutSuccessUrl("/");
     }
 
 }
diff --git a/spring-security-mvc-ldap/src/main/resources/templates/login.html b/spring-security-mvc-ldap/src/main/resources/templates/login.html
index e3a18c2e48..81f62fde13 100644
--- a/spring-security-mvc-ldap/src/main/resources/templates/login.html
+++ b/spring-security-mvc-ldap/src/main/resources/templates/login.html
@@ -21,7 +21,7 @@
 			<p th:if="${param.logout}" class="alert">You have been logged out</p>
 			<p th:if="${param.error}" class="alert alert-error">There was an error, please try again</p>
 			<h2>Login with Username and Password</h2>
-			<form name="form" th:action="@{/login}" action="/login" method="POST">
+			<form name="form" th:action="@{/j_spring_security_check}" action="/login" method="POST">
 				<fieldset>
 					<input type="text" name="username" value="" placeholder="Username" />
 					<input type="password" name="password" placeholder="Password" />
diff --git a/spring-security-mvc-ldap/src/main/resources/webSecurityConfig.xml b/spring-security-mvc-ldap/src/main/resources/webSecurityConfig.xml
new file mode 100644
index 0000000000..6bd2c422d8
--- /dev/null
+++ b/spring-security-mvc-ldap/src/main/resources/webSecurityConfig.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
+    xsi:schemaLocation="
+        http://www.springframework.org/schema/security 
+        http://www.springframework.org/schema/security/spring-security.xsd
+        http://www.springframework.org/schema/beans 
+        http://www.springframework.org/schema/beans/spring-beans-4.2.xsd"
+>
+
+    <http auto-config="true" use-expressions="true">
+        <intercept-url pattern="/" access="permitAll"/>
+        <intercept-url pattern="/home" access="permitAll"/>
+        <intercept-url pattern="/login" access="permitAll"/>
+        <intercept-url pattern="/secure" access="isAuthenticated()"/>
+        
+        <form-login login-page='/login' default-target-url="/" 
+            authentication-failure-url="/login?error" 
+            username-parameter="username"
+            password-parameter="password"/>
+        <logout logout-success-url="/" />
+    </http>
+
+    <authentication-manager>
+            <ldap-authentication-provider
+                user-search-base="ou=people"
+                user-search-filter="(uid={0})"
+                group-search-base="ou=groups"
+                group-search-filter="(member={0})"
+                >
+            </ldap-authentication-provider>
+    </authentication-manager>
+    
+    <ldap-server root="dc=baeldung,dc=com" ldif="users.ldif"/>
+    
+
+</beans:beans>
\ No newline at end of file