Spring Security integration into active directory

Question

I want to authenticate my web service in Spring with an Active Directory lookup at both the producer and the consumer - under the Principal that that each are executing under (ie Service Accounts).

I'm assuming I have to use

JaasPlainTextPasswordValidationCallbackHandler

and

JaasCertificateValidationCallbackHandler

and set up my

jaas.config

file.

Can anyone give me a code example of where to go from here? I'm guessing the Service Account names will need to go into the jaas.config file - but if so - I'd like that to be automatically populated.

Answer 1

You shouldn't need JAAS at all. A simple LDAP authentication scheme should work fine for Spring Security and Active Directory; Active Directory exposes an LDAP interface (typically port 389).

http://static.springframework.org/spring-security/site/docs/2.0.x/reference/ldap.html