views: 818

answers: 1

I'm new to Spring, so this question may look obvious.

I'm trying to implement Spring Security, and my requirement is to authenticate the user name/password against an LDAP server; once the user is authenticated, I need to retrieve the user roles from a relational database.

Is it possible to do this in Spring Security?

+3  A: 

Yes.

The built-in LDAP authentication manager splits the authentication and authorisation of a user into 2 parts. You can configure an LDAP-based authentication manager like below.

<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
    <property name="providers">
        <list>
            <ref local="ldapAuthenticationProvider"/>
        </list>
    </property> 
</bean>

The authentication provider is configured like this.

<bean id="ldapAuthenticationProvider" class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
    <constructor-arg><ref local="authenticator"/></constructor-arg>
    <constructor-arg><ref local="populator"/></constructor-arg>
    <property name="userCache"><ref local="userCache"/></property>
</bean>

I don't know if there's a built-in populator that will do what you want, but you can develop your own one if required.

Glen
You can use the UserDetailsServiceLdapAuthoritiesPopulator to delegate to a standard UserDetailsService. That will do exactly what Veera needs.
springify
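
The wiring the answer and the comment describe, as an added example that is not code from either poster: LDAP bind for authentication, with `UserDetailsServiceLdapAuthoritiesPopulator` delegating role lookup to a JDBC `UserDetailsService`. It assumes Spring Security 3.x or later class names (the answer's snippets use the older Acegi packages), a `dataSource` bean defined elsewhere, and hypothetical tables `app_users` and `app_user_roles`; the LDAP URL and DN pattern are placeholders.

```xml
<!-- Added example: Spring Security 3.x+ class names; all values are placeholders -->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans.xsd">

  <!-- LDAP over TLS; host and base DN are placeholders -->
  <bean id="contextSource"
        class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <constructor-arg value="ldaps://ldap.example.com:636/dc=example,dc=com"/>
  </bean>

  <!-- Part 1, authentication: bind to LDAP as the user with the supplied password -->
  <bean id="authenticator"
        class="org.springframework.security.ldap.authentication.BindAuthenticator">
    <constructor-arg ref="contextSource"/>
    <property name="userDnPatterns">
      <list><value>uid={0},ou=people</value></list>
    </property>
  </bean>

  <!-- Part 2, authorisation: roles come from the relational database.
       Columns are read by position (username, password, enabled); the password
       column is a constant because the LDAP bind already checked the credential. -->
  <bean id="jdbcUserDetailsService"
        class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
    <property name="dataSource" ref="dataSource"/> <!-- assumed to be defined elsewhere -->
    <property name="usersByUsernameQuery"
              value="select username, 'unused', enabled from app_users where username = ?"/>
    <property name="authoritiesByUsernameQuery"
              value="select username, role from app_user_roles where username = ?"/>
  </bean>

  <!-- Adapts the UserDetailsService to the populator slot of the LDAP provider -->
  <bean id="populator"
        class="org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator">
    <constructor-arg ref="jdbcUserDetailsService"/>
  </bean>

  <bean id="ldapAuthenticationProvider"
        class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
    <constructor-arg ref="authenticator"/>
    <constructor-arg ref="populator"/>
  </bean>
</beans>
```

`JdbcDaoImpl` throws `UsernameNotFoundException` when the user row or its authorities are missing, so an account that binds successfully in LDAP but has no roles in the database is rejected at login instead of being admitted with an empty role set.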