FEJ uses Spring Security for authentication purposes. Security configuration is stored in fej-security.xml file.
In-Memory Authentication
By default, FEJ container uses simple in-memory authentication.
| Code Block | ||
|---|---|---|
| ||
<sec:authentication-manager id="authenticationManager">
<sec:authentication-provider>
<sec:user-service id="userDetailsService" properties="users.properties"/>
</sec:authentication-provider>
</sec:authentication-manager> |
Users are stored in the external properties file named users.properties. It contains single user test with password test and role ROLE_ADMIN:
| Code Block | ||
|---|---|---|
| ||
$ pwd
/usr/share/fixedgej-1.0.0/conf
$ cat users.properties
test=test,ROLE_ADMIN,enabled |
LDAP authentication
FEJ also supports authentication against an LDAP server.
Before getting deep into LDAP authentication, let’s get familiar with some LDAP terms.
...
Dn
...
Distinguished name, a unique name which is used to find user in LDAP server e.g. Microsoft Active Directory.
...
Ou
...
Organization Unit.
...
Bind
...
LDAP Bind is an operation in which LDAP clients sends bindRequest to LDAP user including username and password and if
LDAP server is able to find user and password correct, it allows access to LDAP server.
...
Search
...
LDAP search is the operation which is performed to retrieve Dn of user by using some user credentials.
...
Root
...
LDAP directory’s top element, like root of a tree.
...
BaseDn
...
a branch in LDAP tree which can be used as base for LDAP search operation.
When the LDAP authentication option is activated, the default single user mode is turned off.This section describes configuration of various parts of the FIXEdge Java solution.
Child pages (Children Display) all true depth 2