Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
SEC-1014: minor changes for an easy NTLM / LDAP configuration #1265
Following changes are needed for an easy NTLM and LDAP (Active Directory) integration :
Another change is needed for NTLM : AbstractLdapAuthenticator with no password check.
With those 2 changes, we can use NTLM to get username, use it to query LDAP and retrieve user informations (email, name, etc..) then use such informations in a custom UserDetails implementation (via a convenient UserDetailsContextMapper) without any implementation.
Hope this can help.
Luke Taylor said:
The issue with LdapAuthenticationProvider has been resolved as part of SEC-1117.
As far as I can see the additional functionality you’re talking about (ignoring the password supplied) is already available via NtlmAwareLdapAuthenticator. let me know if I’m missing something.