I am using Spring Boot (2.7.2) security. My security config is:

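import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;
import org.springframework.security.web.SecurityFilterChain;

public class WebSecurityConfig {

    // Require authentication for every request and use HTTP Basic.
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic();
        return http.build();
    }

    // Authenticate by binding to Active Directory as the submitted user.
    @Bean
    public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
        // Arguments: AD domain, LDAP URL.
        ActiveDirectoryLdapAuthenticationProvider provider = new ActiveDirectoryLdapAuthenticationProvider(
                "company.com", "ldap://ldap-company.com:389");
        // {0} is replaced with the bind principal (username@domain) by the provider.
        provider.setSearchFilter("(&(objectClass=user)(sAMAccountName={0}))");
        // Map AD sub-error codes (locked, expired, disabled) to specific exceptions.
        provider.setConvertSubErrorCodesToExceptions(true);
        // Keep the submitted password as the credentials of the resulting token.
        provider.setUseAuthenticationRequestCredentials(true);
        return provider;
    }

}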

Now when I hit my URI I keep getting the login pop-up infinitely.

The username and password I am providing are correct. No error(s) at the console whatsoever.

What am I doing wrong here or missing?

Ajay Kumar

1 Answer

While I am still waiting for the right answer, I got the idea from here and it works.

So this is what I ended up with:

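import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.web.SecurityFilterChain;

public class WebSecurityConfig extends GlobalAuthenticationConfigurerAdapter {

    // Require authentication for every request and use HTTP Basic.
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated()
                // .fullyAuthenticated()
                .and().httpBasic();
        return http.build();
    }

    @Override
    public void init(AuthenticationManagerBuilder auth) throws Exception {
        // Context source with the base DN in the URL; it binds as a dedicated
        // account (bind user) to search the directory for the user's entry.
        DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
                "ldap://ldap-company.com:389/dc=company,dc=com");
        contextSource.setUserDn("CN=MYBindUser,OU=Ldap,dc=COMPANY,dc=com");
        contextSource.setPassword("ComplexP@ssw0rd");
        contextSource.setReferral("follow");
        contextSource.afterPropertiesSet();

        LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthenticationProviderConfigurer = auth
                .ldapAuthentication();

        // Find the user by cn under the base DN, then bind as that entry
        // with the submitted password.
        ldapAuthenticationProviderConfigurer
                .userSearchFilter("(&(cn={0}))")
                // .userSearchFilter("(sAMAccountName=%s)")
                .userSearchBase("")
                // .groupSearchBase("(&(objectCategory=group)(cn={0}))")
                .contextSource(contextSource);
    }

}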

Now my HTTPBasic Authentication with ActiveDirectory LDAP works just fine.

Ajay Kumar
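
A variant of the configuration in the answer above, as an added example that is not part of the original post: the bind account's DN and password are injected from externalized properties instead of being written into the class, and the context source rejects any URL that is not `ldaps://`. The property names `app.ldap.url`, `app.ldap.bind-dn` and `app.ldap.bind-password` are assumptions.

```java
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.web.SecurityFilterChain;

// Added example; the app.ldap.* property names are hypothetical and are meant
// to come from the environment or a secrets store, not from source control.
@Configuration
public class WebSecurityConfig extends GlobalAuthenticationConfigurerAdapter {

    private final DefaultSpringSecurityContextSource contextSource;

    public WebSecurityConfig(@Value("${app.ldap.url}") String url,
                             @Value("${app.ldap.bind-dn}") String bindDn,
                             @Value("${app.ldap.bind-password}") String bindPassword) {
        // Over plain ldap:// the bind password and each user's submitted
        // password cross the network unencrypted, so fail at startup instead.
        if (!url.startsWith("ldaps://")) {
            throw new IllegalArgumentException("app.ldap.url must use ldaps://");
        }
        contextSource = new DefaultSpringSecurityContextSource(url);
        contextSource.setUserDn(bindDn);
        contextSource.setPassword(bindPassword);
        contextSource.setReferral("follow");
        contextSource.afterPropertiesSet();
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated().and().httpBasic();
        return http.build();
    }

    @Override
    public void init(AuthenticationManagerBuilder auth) throws Exception {
        // Same search-then-bind flow as the answer: look the user up by cn.
        auth.ldapAuthentication()
                .userSearchFilter("(&(cn={0}))")
                .userSearchBase("")
                .contextSource(contextSource);
    }
}
```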