diff --git a/.gitignore b/.gitignore
index 043004ca4b70cbf09120b936500595f19d034055..fb7773093c65498cdb1b57bcdb3ff03623b5089a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@
target/*
chromedriver.log
.checkstyle
+/target
diff --git a/pom.xml b/pom.xml
index 897842bf55e13ca9c45dab99c143f2a70c92ab51..25badea9e5aea07f49f1ce8391b45a89939b75cd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -199,6 +199,11 @@
spring-security-cas
${org.springframework.security-version}
+
+ org.springframework.security
+ spring-security-ldap
+ ${org.springframework.security-version}
+
jstl
jstl
diff --git a/src/main/java/de/thm/arsnova/controller/LoginController.java b/src/main/java/de/thm/arsnova/controller/LoginController.java
index ba7b932a7745d72d108f0b3f58195a50cbc0ec0f..e5304986e78935f7ed8fd6a9b9ba0181cc5cb1a0 100644
--- a/src/main/java/de/thm/arsnova/controller/LoginController.java
+++ b/src/main/java/de/thm/arsnova/controller/LoginController.java
@@ -20,6 +20,7 @@ package de.thm.arsnova.controller;
import java.io.IOException;
import java.util.ArrayList;
+import java.util.Collection;
import java.util.List;
import javax.servlet.ServletException;
@@ -38,9 +39,11 @@ import org.springframework.security.cas.authentication.CasAuthenticationToken;
import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.token.Sha512DigestUtils;
+import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.stereotype.Controller;
@@ -67,6 +70,9 @@ public class LoginController extends AbstractController {
@Autowired
private FacebookProvider facebookProvider;
+
+ @Autowired
+ private LdapAuthenticationProvider ldapAuthenticationProvider;
@Autowired
private CasAuthenticationEntryPoint casEntryPoint;
@@ -136,6 +142,27 @@ public class LoginController extends AbstractController {
}
return null;
}
+
+ @RequestMapping(value = { "/auth/login", "/doLogin" }, method = RequestMethod.POST)
+ public final View doLdapLogin(
+ @RequestParam("type") final String type,
+ @RequestParam(value = "user", required = false) final String userName,
+ @RequestParam(value = "referer", required = false) final String forcedReferer,
+ @RequestParam(value = "password", required = false) final String password,
+ final HttpServletRequest request,
+ final HttpServletResponse response
+ ) throws IOException, ServletException {
+ if ("ldap".equals(type)) {
+ org.springframework.security.core.userdetails.User user =
+ new org.springframework.security.core.userdetails.User(
+ userName, password, true, true, true, true, this.getAuthorities()
+ );
+
+ Authentication token = new UsernamePasswordAuthenticationToken(user, null, getAuthorities());
+ ldapAuthenticationProvider.authenticate(token);
+ }
+ return null;
+ }
@RequestMapping(value = { "/auth/", "/whoami" }, method = RequestMethod.GET)
@ResponseBody
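Review bot: In `doLdapLogin` the token is built with the three-argument `UsernamePasswordAuthenticationToken(user, null, getAuthorities())` constructor, which yields a token already marked authenticated with ROLE_USER and null credentials. The submitted password exists only inside the `User` principal, and as far as I can tell `LdapAuthenticationProvider` reads it from `getCredentials()`, so the bind cannot succeed as written. The result of `authenticate()` is also discarded, nothing is stored in the `SecurityContextHolder`, and `AuthenticationException` is not caught, so a successful login leaves no state and a failed one surfaces as an unhandled exception. `user` and `password` are `required = false`, yet `new User(null, ...)` throws `IllegalArgumentException`, and `forcedReferer` is never used. The sketch below passes an unauthenticated request token and keeps the provider's result; it needs an import for `org.springframework.security.core.AuthenticationException`.

```java
		if ("ldap".equals(type)) {
			// Two-argument constructor: an unauthenticated request carrying the submitted credentials.
			// No authorities are assigned here; they come from the provider's result.
			Authentication request = new UsernamePasswordAuthenticationToken(userName, password);
			try {
				Authentication result = ldapAuthenticationProvider.authenticate(request);
				SecurityContextHolder.getContext().setAuthentication(result);
			} catch (AuthenticationException e) {
				// Do not reveal whether the user name or the password was wrong.
				response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
			}
		}
		// … unchanged: return null …
```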
@@ -153,4 +180,10 @@ public class LoginController extends AbstractController {
}
return new RedirectView(request.getHeader("referer") != null ? request.getHeader("referer") : "/");
}
+
+ private Collection extends GrantedAuthority> getAuthorities() {
+ List authList = new ArrayList(2);
+ authList.add(new GrantedAuthorityImpl("ROLE_USER"));
+ return authList;
+ }
}
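Review bot: `GrantedAuthorityImpl` in `getAuthorities()` is deprecated in the Spring Security line that ships `SimpleGrantedAuthority`, which this file already imports. Writing `authList.add(new SimpleGrantedAuthority("ROLE_USER"));` makes the import added in the earlier import hunk unnecessary. The generic parameters look lost in this rendering; if the source really declares a raw `List`, it should be `List<GrantedAuthority> authList = new ArrayList<GrantedAuthority>(1);`. This helper also hands out ROLE_USER before any LDAP bind has succeeded, so the session's authorities should be taken from the `Authentication` the provider returns instead.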
diff --git a/src/main/webapp/WEB-INF/spring/spring-security.xml b/src/main/webapp/WEB-INF/spring/spring-security.xml
index ecd7f7669a93c1cecda86eec020db8c05416affb..7f77bfac04048f1bc49175d9ff30cd61dc174c69 100644
--- a/src/main/webapp/WEB-INF/spring/spring-security.xml
+++ b/src/main/webapp/WEB-INF/spring/spring-security.xml
@@ -14,6 +14,7 @@
+
@@ -25,6 +26,13 @@
+
+
+
+
+
diff --git a/src/main/webapp/arsnova.properties.example b/src/main/webapp/arsnova.properties.example
index 84060f6e49fb259bcaf9fe60559eba979dbf33b4..8d6516561529b73c3586f8f0b666e9a4f6b8f5a0 100644
--- a/src/main/webapp/arsnova.properties.example
+++ b/src/main/webapp/arsnova.properties.example
@@ -10,6 +10,11 @@ security.twitter.secret=mC0HOvxiEgqwdDWCcDoy3q75nUQPu1bYRp1ncHWGd0
security.google.key=110959746118.apps.googleusercontent.com
security.google.secret=CkzUJZswY8rjWCCYnHVovyGA
+security.ldap.url=ldap://example.com:389/dc=example,dc=com
+security.ldap.user-search-filter=(uid={0})
+security.ldap.user-search-base="ou=people"
+
+
security.ssl=false
security.keystore=/etc/arsnova.thm.de.jks
security.storepass=arsnova
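Review bot: The quotes in `security.ldap.user-search-base="ou=people"` are kept as literal characters if this file is loaded as a standard Java properties file, so the search base would not match any entry; write `security.ldap.user-search-base=ou=people`. The example URL uses `ldap://` on port 389, which sends the password submitted through the new login handler to the directory in cleartext unless StartTLS is configured elsewhere. An `ldaps://` example, or a comment above the key such as `# use ldaps:// or StartTLS in production`, would be a safer default for people copying this file.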