From ec1b4afc8787641cd871eaa86a00577c57a2321a Mon Sep 17 00:00:00 2001
From: Daniel Gerhardt <code@dgerhardt.net>
Date: Thu, 12 Nov 2015 12:15:13 +0100
Subject: [PATCH] Add support for an LDAP manager user
---
 .../java/de/thm/arsnova/config/SecurityConfig.java | 10 +++++++---
 src/main/resources/arsnova.properties.example | 6 +++---
 src/test/resources/arsnova.properties.example | 6 +++---
 3 files changed, 13 insertions(+), 9 deletions(-)
diff --git a/src/main/java/de/thm/arsnova/config/SecurityConfig.java b/src/main/java/de/thm/arsnova/config/SecurityConfig.java
index c63911006..03996ab1f 100644
--- a/src/main/java/de/thm/arsnova/config/SecurityConfig.java
+++ b/src/main/java/de/thm/arsnova/config/SecurityConfig.java
@@ -98,7 +98,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter implements Serv
 @Value("${security.ldap.enabled}") private boolean ldapEnabled;
 @Value("${security.ldap.url}") private String ldapUrl;
- @Value("${security.ldap.user-dn-pattern}") private String ldapUserDn;
+ @Value("${security.ldap.user-dn-pattern:}") private String ldapUserDn;
+ @Value("${security.ldap.manager-user-dn:}") private String ldapManagerUserDn;
+ @Value("${security.ldap.manager-password:}") private String ldapManagerPassword;
 @Value("${security.cas.enabled}") private boolean casEnabled;
 @Value("${security.cas-server-url}") private String casUrl;
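Review bot: The new `:}` default on `security.ldap.user-dn-pattern` lets the application start with LDAP enabled and an empty DN pattern, and nothing in this hunk rejects that combination. The code that consumes `ldapUserDn` is outside the hunk, so this is inferred, but an empty pattern would presumably reach the authenticator unchanged. I would fail fast at startup, for example `if (ldapEnabled && ldapUserDn.isEmpty()) throw new IllegalStateException("security.ldap.user-dn-pattern must be set");`. The two new fields also deserve a short comment saying that both must be set together and that `ldapManagerPassword` must never be written to logs.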
@@ -254,8 +256,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter implements Serv
 public LdapContextSource ldapContextSource() throws Exception {
 DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(ldapUrl);
 /* TODO: implement support for LDAP bind using manager credentials */
-// contextSource.setUserDn(ldapManagerUserDn);
-// contextSource.setPassword(ldapManagerPassword);
+ if (!"".equals(ldapManagerUserDn) && !"".equals(ldapManagerPassword)) {
+ contextSource.setUserDn(ldapManagerUserDn);
+ contextSource.setPassword(ldapManagerPassword);
+ }
 return contextSource;
 }
diff --git a/src/main/resources/arsnova.properties.example b/src/main/resources/arsnova.properties.example
index 1550809a1..66d8e4e6c 100644
--- a/src/main/resources/arsnova.properties.example
+++ b/src/main/resources/arsnova.properties.example
@@ -112,9 +112,9 @@ security.ldap.image=
 security.ldap.order=0
 security.ldap.url=ldap://example.com:33389/dc=example,dc=com
 security.ldap.user-dn-pattern=uid={0},ou=arsnova
-# Not yet implemented parameters
-#security.ldap.user-search-filter=(uid={0})
-#security.ldap.user-search-base="ou=people"
+# Configure the LDAP manager user if anonymous binding is not allowed
+#security.ldap.manager-user-dn=cn=arsnova-manager,dc=example,dc=com
+#security.ldap.manager-password=arsnova
 # CAS authentication
 #
diff --git a/src/test/resources/arsnova.properties.example b/src/test/resources/arsnova.properties.example
index 1550809a1..66d8e4e6c 100644
--- a/src/test/resources/arsnova.properties.example
+++ b/src/test/resources/arsnova.properties.example
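Review bot: When only one of `ldapManagerUserDn` and `ldapManagerPassword` is configured, the new `if` in `ldapContextSource()` skips both setters without any signal, so the context source is left without manager credentials and the misconfiguration stays hidden. I would reject the half-configured case before the existing check, for example `if (ldapManagerUserDn.isEmpty() != ldapManagerPassword.isEmpty()) throw new IllegalStateException("security.ldap.manager-user-dn and security.ldap.manager-password must be set together");`. The `/* TODO: implement support for LDAP bind using manager credentials */` comment directly above is now stale and could become `/* Bind as the manager user only when both credentials are configured */`. The method's annotations sit outside the hunk.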
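Review bot: The example in src/main/resources/arsnova.properties.example now offers a manager password next to the context line `security.ldap.url=ldap://example.com:33389/dc=example,dc=com`, so a deployment copied from it would send the manager DN and password over an unencrypted connection unless TLS is configured elsewhere. I would add a comment such as `# Use an ldaps:// URL when a manager password is set and restrict read access to this file`. I would also replace the sample value with an obvious placeholder, `#security.ldap.manager-password=<manager password>`, because `arsnova` is guessable and example values tend to survive into real configurations. The identical hunk in src/test/resources/arsnova.properties.example needs the same change.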
@@ -112,9 +112,9 @@ security.ldap.image=
 security.ldap.order=0
 security.ldap.url=ldap://example.com:33389/dc=example,dc=com
 security.ldap.user-dn-pattern=uid={0},ou=arsnova
-# Not yet implemented parameters
-#security.ldap.user-search-filter=(uid={0})
-#security.ldap.user-search-base="ou=people"
+# Configure the LDAP manager user if anonymous binding is not allowed
+#security.ldap.manager-user-dn=cn=arsnova-manager,dc=example,dc=com
+#security.ldap.manager-password=arsnova
 # CAS authentication
 #
-- GitLab