Author: kmmizanurrahmanjp@gmail.com

  • CentOS Stream 8

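    # Install the OpenJDK 17 runtime and development kit from the distribution repositories.
    dnf -y install java-17-openjdk java-17-openjdk-devel

    # Write a profile snippet that every login shell will source.
    # The delimiter uses plain ASCII quotes ('EOF') so the $(...) below is stored
    # literally and evaluated at each login instead of once while the file is written.
    # Typographic quotes are not shell quoting and leave the here-document unterminated.
    # When pasting, the closing EOF must start at the beginning of its line.
    # Keep the file owned by root and not writable by other users, since it runs in
    # every user's login shell.
    cat > /etc/profile.d/java.sh <<'EOF'
    export JAVA_HOME="$(dirname "$(dirname "$(readlink -f "$(command -v java)")")")"
    export PATH=$PATH:$JAVA_HOME/bin
    EOF

    # Load the new variables into the current shell.
    source /etc/profile.d/java.sh

    # Confirm which Java runtime is found on PATH (two ASCII hyphens, not a dash character).
    java --version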

    Ubuntu 22.04 LTS

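    # Refresh the package index before querying or installing anything.
    sudo apt update

    # Check whether a Java runtime is already installed.
    java --version

    # List the OpenJDK packages offered by the configured repositories.
    sudo apt-cache search openjdk

    sudo apt install openjdk-17-jdk -y

    # Choose the default java binary when several JDKs are installed.
    sudo update-alternatives --config java

    # Add the line below to /etc/environment. JAVA_HOME must name the JDK directory,
    # not the java executable inside it; tools look for bin/java underneath it.
    # Use plain ASCII double quotes.
    sudo vim /etc/environment

    JAVA_HOME="/usr/lib/jvm/java-17-openjdk-amd64"

    # /etc/environment is applied at login; sourcing it only sets the variable in the
    # current shell and does not export it to child processes.
    source /etc/environment

    java --version

    javac --version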

  • Active Directory Authentication in Spring Boot

      Add Dependencies
      Include the necessary dependencies in your pom.xml (for Maven):

      <!-- No <version> elements are given: presumably versions come from Spring Boot's
           dependency management (parent POM or BOM). Verify this, so the build does not
           resolve an unmanaged version. -->
      <!-- Spring Boot starter that brings in Spring Security. -->
      <dependency>
          <groupId>org.springframework.boot</groupId>
          <artifactId>spring-boot-starter-security</artifactId>
      </dependency>
      <!-- Spring LDAP core library (directory access). -->
      <dependency>
          <groupId>org.springframework.ldap</groupId>
          <artifactId>spring-ldap-core</artifactId>
      </dependency>
      <!-- LDAP authentication support for Spring Security. -->
      <dependency>
          <groupId>org.springframework.security</groupId>
          <artifactId>spring-security-ldap</artifactId>
      </dependency>

      Configure Active Directory Connection in application.properties

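      # Directory server URL. ldap:// on port 389 is not encrypted, so bind credentials
      # cross the network in the clear; use ldaps:// (or StartTLS) outside a lab.
      spring.ldap.urls=ldap://your-ad-server:389
      spring.ldap.base=dc=yourdomain,dc=com
      # Account the application binds with. Prefer a dedicated, low-privilege service
      # account over an administrator account.
      spring.ldap.username=admin@yourdomain.com
      # Resolved from the environment at startup so the secret is not stored in the file
      # or committed to version control. LDAP_BIND_PASSWORD is an example variable name.
      spring.ldap.password=${LDAP_BIND_PASSWORD}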

      Implement LDAP Authentication in SecurityConfig.java

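      /**
       * Spring Security configuration: every request must be authenticated, and submitted
       * credentials are verified by the directory server over LDAP.
       */
      @Configuration
      @EnableWebSecurity
      public class SecurityConfig {

          /**
           * Builds the HTTP filter chain: all requests require authentication, with form login
           * and HTTP Basic both enabled.
           *
           * @param http the HttpSecurity builder supplied by Spring
           * @return the configured filter chain
           * @throws Exception if the chain cannot be built
           */
          @Bean
          public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
              // NOTE(review): anyRequest().authenticated() also covers POST /auth/login, so that
              // endpoint is reachable only by a caller who already authenticated (for example via
              // HTTP Basic). CSRF protection is left at its default (enabled), so the POST must
              // also carry a CSRF token. Decide deliberately whether the login endpoint needs its
              // own rule.
              // HTTP Basic sends the password with every request; serve this application over
              // HTTPS only.
              http
                  .authorizeHttpRequests(auth -> auth
                      .anyRequest().authenticated()
                  )
                  .formLogin(withDefaults())
                  .httpBasic(withDefaults());
              return http.build();
          }

          /**
           * Builds an AuthenticationManager that authenticates by binding to the directory as
           * the user.
           *
           * <p>With bind authentication the directory server checks the password itself. The
           * application does not read or compare a password attribute, so no digest encoder
           * (such as the deprecated LdapShaPasswordEncoder) is involved.
           *
           * @param http the HttpSecurity builder supplied by Spring
           * @return the LDAP-backed authentication manager
           * @throws Exception if the manager cannot be built
           */
          @Bean
          public AuthenticationManager authManager(HttpSecurity http) throws Exception {
              AuthenticationManagerBuilder builder =
                      http.getSharedObject(AuthenticationManagerBuilder.class);
              builder.ldapAuthentication()
                  // {0} is replaced with the submitted username; the pattern is relative to the
                  // base DN in the URL below. Adjust it to the directory's actual layout.
                  .userDnPatterns("cn={0},ou=users")
                  .contextSource()
                  // ldap:// on port 389 is unencrypted, so the user's password crosses the network
                  // in the clear during the bind. Use ldaps:// (or StartTLS) and trust the domain
                  // controller's certificate outside a lab.
                  .url("ldap://your-ad-server:389/dc=yourdomain,dc=com");
              // NOTE(review): spring-security-ldap also ships ActiveDirectoryLdapAuthenticationProvider,
              // which is written for Active Directory; consider it instead of generic DN patterns.
              // build() is called on the builder itself: the LDAP configurer does not expose a
              // public build() method.
              return builder.build();
          }
      }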

      Create a Login API in AuthController.java

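      /**
       * REST endpoint that checks a username and password against the configured
       * AuthenticationManager.
       */
      @RestController
      @RequestMapping("/auth")
      public class AuthController {

          // Injected through the constructor; the login method depends on it.
          private final AuthenticationManager authenticationManager;

          /**
           * @param authenticationManager the manager used to verify submitted credentials
           */
          public AuthController(AuthenticationManager authenticationManager) {
              this.authenticationManager = authenticationManager;
          }

          /**
           * Authenticates the submitted credentials.
           *
           * @param authRequest request body carrying the username and password
           * @return 200 with a confirmation message when authentication succeeds
           */
          @PostMapping("/login")
          public ResponseEntity<String> login(@RequestBody AuthRequest authRequest) {
              // Never log authRequest or the token: both hold the clear-text password.
              UsernamePasswordAuthenticationToken authToken =
                      new UsernamePasswordAuthenticationToken(authRequest.getUsername(), authRequest.getPassword());

              // authenticate() throws an AuthenticationException on bad credentials, so the lines
              // below run only on success.
              // NOTE(review): confirm how that exception is rendered to the client. The response
              // should be a generic 401 that does not reveal whether the username exists.
              Authentication authentication = authenticationManager.authenticate(authToken);

              // NOTE(review): this sets the context for the current request only. Depending on the
              // Spring Security version it may not be persisted to the session automatically;
              // confirm, and if a session is kept, make sure its id changes at login.
              SecurityContextHolder.getContext().setAuthentication(authentication);

              return ResponseEntity.ok("User authenticated successfully");
          }
      }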
      
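      /**
       * Request body for the login endpoint: the username and password submitted by the client.
       *
       * <p>toString() is deliberately not overridden, so the password cannot end up in log
       * output through string conversion of this object.
       */
      class AuthRequest {
          private String username;
          private String password;

          /** @return the submitted username, or null if none was set */
          public String getUsername() {
              return username;
          }

          /** @param username the username to authenticate */
          public void setUsername(String username) {
              this.username = username;
          }

          /** @return the submitted password, or null if none was set */
          public String getPassword() {
              return password;
          }

          /** @param password the clear-text password; do not log or persist it */
          public void setPassword(String password) {
              this.password = password;
          }
      }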

      Note
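      If your AD uses LDAPS (Secure LDAP), you may need to configure SSL certificates so that the JVM trusts the certificate presented by the domain controller. The ldap:// URLs on port 389 shown above carry bind passwords without transport encryption.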
      Consider JWT authentication after validating AD credentials.
      Ensure role-based access control (RBAC) if needed.