Thursday, December 20, 2012

Authentication Using Weblogic Embedded Ldap

This post uses the WebLogic embedded LDAP server to authenticate users of a Java EE 6 application. JSF is the view technology, and the Spring LDAP library is used to communicate with the LDAP server.

Prerequisites: an installed WebLogic server with its embedded LDAP properly configured.

The Spring beans for ldapTemplate are defined in applicationContext.xml:
  
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
       http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
       http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
    
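    <!-- Connection to the WebLogic embedded LDAP. The admin DN and password are
         hard-coded here for the demo; load real values from externalized
         properties and use ldaps:// when the server is not on localhost. -->
    <bean id="contextSource" class="org.springframework.ldap.core.support.DirContextSource">
        <property name="url" value="ldap://127.0.0.1:7001" />
        <property name="userDn" value="cn=Admin" />
        <property name="password" value="adminpass0" />
        <!-- All searches are relative to this base DN. -->
        <property name="base" value="ou=myrealm,dc=base_domain" />
    </bean>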
 
    <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
        <constructor-arg ref="contextSource" />
    </bean>
    
</beans>

The login view is a simple XHTML file with two input fields:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:h="http://java.sun.com/jsf/html">
    
    <head>
        <title>login page</title>
    </head>
<body>
<h:form>
    <h:outputLabel value="Enter your user ID " />
    <h:inputText value="#{loginController.uid}" />

    <h:outputLabel value="Enter your password" />
    <h:inputSecret value="#{loginController.password}" />
    
    <h:commandButton value="Submit"
                     action="#{loginController.checkLogin}" />
</h:form>
   
</body>
</html>

The login controller contains the methods for authentication.



package Controller;

import javax.enterprise.context.RequestScoped;
import javax.inject.Inject;
import javax.inject.Named;
import org.hibernate.validator.constraints.NotEmpty;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.filter.AndFilter;
import org.springframework.ldap.filter.EqualsFilter;

/**
 * @author nayef
 */
@Named
@RequestScoped
public class LoginController {

    @NotEmpty(message = "the uid cant be empty")
    private String uid;
    @NotEmpty(message = "the password cant be empty")
    private String password;
    @Inject
    private LdapTemplate ldapTemplate;

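    public String getUid() {
        return uid;
    }

    public void setUid(String uid) {
        this.uid = uid;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }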

    public String checkLogin() {
        if (loginFromLdap()) {
            return "success?faces-redirect=true";
        } else {
            return "failed?faces-redirect=true";
        }
    }

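    public boolean loginFromLdap() {
        // EqualsFilter escapes the submitted uid before it becomes part of the filter.
        AndFilter filter = new AndFilter();
        filter.and(new EqualsFilter("objectclass", "person")).and(new EqualsFilter("uid", this.getUid()));
        boolean legit = false;

        try {
            // Search below the context source's base for the matching entry,
            // then bind as that entry with the supplied password.
            legit = this.ldapTemplate.authenticate(DistinguishedName.EMPTY_PATH, filter.toString(), this.getPassword());
        } catch (Exception e) {
            // Any exception is treated as a failed login.
            legit = false;
        }

        return legit;
    }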
}
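
Why loginFromLdap() builds its search filter with EqualsFilter rather than string concatenation, and why the password must be checked before the bind, shown as an added example that is not part of the original post. The class name LoginFilterDemo, its method names and the sample inputs are constructed for illustration; spring-ldap is assumed to be on the classpath.

```java
import org.springframework.ldap.filter.AndFilter;
import org.springframework.ldap.filter.EqualsFilter;

// Hypothetical demo class (not from the original post).
public class LoginFilterDemo {

    // Unsafe variant: the user ID is pasted into the filter text, so LDAP
    // filter metacharacters in it change which entries the search matches.
    static String concatenatedFilter(String uid) {
        return "(&(objectclass=person)(uid=" + uid + "))";
    }

    // Same construction as loginFromLdap(): EqualsFilter escapes the value
    // (RFC 4515) before it becomes part of the filter string.
    static String encodedFilter(String uid) {
        AndFilter filter = new AndFilter();
        filter.and(new EqualsFilter("objectclass", "person"))
              .and(new EqualsFilter("uid", uid));
        return filter.encode();
    }

    // An empty password must never reach a simple bind: RFC 4513 defines a
    // bind with a DN and no password as an unauthenticated bind, which some
    // servers accept. @NotEmpty only helps when JSF bean validation runs, so
    // the check is repeated here for callers that bypass the form.
    static boolean hasUsablePassword(String password) {
        return password != null && !password.isEmpty();
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from any real directory.
        String[] samples = { "nayef", "*", "a)(cn=b", "back\\slash" };
        for (String uid : samples) {
            System.out.println("input        : " + uid);
            System.out.println("concatenated : " + concatenatedFilter(uid));
            System.out.println("EqualsFilter : " + encodedFilter(uid));
            System.out.println();
        }
        System.out.println("empty password usable? " + hasUsablePassword(""));
        System.out.println("null password usable?  " + hasUsablePassword(null));
    }
}
```

For every sample the EqualsFilter line still contains exactly one uid comparison, while the concatenated line takes on whatever structure the input supplies.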


The injected ldapTemplate is produced by a producer method described in injecting-spring-bean-using-cdi (resource 5 below).

The success and failure pages just display the outcome of the authentication.


<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:h="http://java.sun.com/jsf/html">

    <head>
        <title>Success</title>
    </head>
    <body>
        <div>your credentials were found in ldap</div>
    </body>
</html>


<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:h="http://java.sun.com/jsf/html">

    <head>
        <title>Failure</title>
    </head>
    <body>
        <div>your credentials were NOT found in ldap</div>
    </body>
</html>


Resources:
1. http://www.jayway.com/2009/02/02/simple-authentication-using-spring-ldap/
2. http://today.java.net/pub/a/today/2006/04/18/ldaptemplate-java-ldap-made-simple.html
3. http://java.dzone.com/articles/accessing-weblogic-embedded
4. https://blogs.oracle.com/jamesbayer/entry/look_inside_weblogic_server_em
5. http://nayefreza.blogspot.com/2012/12/injecting-spring-bean-using-cdi.html
