I configured the authentication to work with both the db and ldap like this:
    auth.ldapAuthentication()
        .groupSearchBase(groupSearchBase)
        .groupSearchFilter(groupFilter)
        .userSearchFilter(userFilter).userSearchBase(userSearchBase)
        .contextSource(contextSource())
        .and()
        .jdbcAuthentication().dataSource(dataSource).usersByUsernameQuery(
            "SELECT lower(username), password, active from USER_BTABLE where lower(username)=lower(?) and LDAPAUTH=0"
        ).authoritiesByUsernameQuery("select lower(username), 'ROLE_USER' from USER_ATABLE where lower(username)=lower(?)");
The trouble is that if the user also exists in the configured LDAP with another password, then starting with the 6th authentication request the following exception appears:
org.springframework.ldap.InvalidAttributeValueException: [LDAP: error code 19 - Exceed password retry limit. Please try later.];
I check in the login filter whether the user has the db auth flag set. Can I also configure the AuthenticationManagerBuilder on the fly there?
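One way to keep DB-flagged users from ever reaching LDAP, as an added example (not code from the original post): a single AuthenticationProvider that looks up the post's LDAPAUTH flag and delegates to exactly one backend, so a DB login never counts against the LDAP retry limit. The class name and the two delegate providers are assumptions; they would be built separately and this provider registered with `auth.authenticationProvider(...)` instead of the chained configuration.

```java
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/** Hypothetical router: each login attempt is sent to one backend only. */
public class FlagRoutingAuthenticationProvider implements AuthenticationProvider {

    // Same table and flag as the usersByUsernameQuery in the post.
    private static final String IS_DB_USER_SQL =
        "select count(*) from USER_BTABLE where lower(username)=lower(?) and LDAPAUTH=0";

    private final AuthenticationProvider ldapProvider; // assumed: built elsewhere
    private final AuthenticationProvider dbProvider;   // assumed: built elsewhere
    private final JdbcTemplate jdbc;

    public FlagRoutingAuthenticationProvider(AuthenticationProvider ldapProvider,
                                             AuthenticationProvider dbProvider,
                                             JdbcTemplate jdbc) {
        this.ldapProvider = ldapProvider;
        this.dbProvider = dbProvider;
        this.jdbc = jdbc;
    }

    @Override
    public Authentication authenticate(Authentication authentication)
            throws AuthenticationException {
        // Decide by the flag before any password is sent to a backend.
        Integer rows = jdbc.queryForObject(IS_DB_USER_SQL, Integer.class,
                                           authentication.getName());
        boolean dbUser = rows != null && rows > 0;

        // No fall-through: a wrong password for a DB user fails here and
        // never becomes a failed bind against the LDAP account.
        AuthenticationProvider target = dbUser ? dbProvider : ldapProvider;
        return target.authenticate(authentication);
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }
}
```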
I eventually did a 307 redirect from a db auth server instance to an ldap auth server instance inside a doFilter method: