Good evening! I'm trying to use Java EE 8 for authentication.
I can validate my username and password in line 45, but I can't authenticate using the SecurityContext in line 44. I'm trying to keep it "portable", so I would rather not set up Elytron configuration for this. Is there any way to do it? This is my code:
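/**
 * Servlet filter that checks HTTP Basic credentials against the LDAP identity store
 * declared on this class before letting a request continue down the filter chain.
 *
 * <p>Every request without an {@code Authorization} header, with a scheme other than
 * {@code Basic}, with a malformed token, or with credentials the store does not report
 * as {@code VALID} is answered with {@code 401} and is NOT passed to the chain.
 *
 * <p>NOTE(review): {@code store.validate(...)} only reports whether the credentials are
 * valid; nothing in this class registers a caller principal with the container, so
 * container-managed checks (roles, {@code getUserPrincipal()}) presumably still see an
 * unauthenticated caller. Confirm against the target server.
 */
// NOTE(review): the bind DN password is hard-coded in source, and the URL uses plain
// ldap://, so unless the transport is protected elsewhere both the bind password and
// every user password validated through this store travel unencrypted. Move the secret
// into deployment configuration (the Java EE Security annotations are specified to
// accept EL expressions in String attributes; verify on your container), prefer
// ldaps://, and rotate the password that has been published here.
@LdapIdentityStoreDefinition(
    url = "ldap://srv-infra04.axxiom1.local/",
    bindDn = "cn=suporteldap,ou=Usuarios,dc=openldapdev,dc=int",
    bindDnPassword = "5up0rt31DAP",
    callerSearchBase = "dc=openldapdev,dc=int"
)
@BasicAuthenticationMechanismDefinition
@WebFilter(urlPatterns = { "/*" })
public class LdapAuthFilter implements Filter {

    @Inject
    IdentityStore store;

    @Inject
    SecurityContext sec;

    /**
     * Validates the Basic credentials of the request and forwards it only when they are valid.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remainder of the chain, invoked only after successful validation
     * @throws IOException      if writing the error response or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        String authHeader = request.getHeader("Authorization");
        if (authHeader == null) {
            unauthorized(response);
            return;
        }

        // Expect exactly "<scheme> <token>"; anything else is rejected instead of being
        // silently dropped or failing on a missing token.
        StringTokenizer st = new StringTokenizer(authHeader);
        if (!st.hasMoreTokens() || !st.nextToken().equalsIgnoreCase("Basic") || !st.hasMoreTokens()) {
            unauthorized(response, "Invalid authentication token");
            return;
        }

        String credentials;
        try {
            // Decode with an explicit charset so the result does not depend on the
            // platform default encoding.
            credentials = new String(Base64.getDecoder().decode(st.nextToken()),
                    java.nio.charset.StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            // Token is not valid Base64: a client error, not a server failure.
            unauthorized(response, "Invalid authentication token");
            return;
        }

        int p = credentials.indexOf(':');
        if (p == -1) {
            unauthorized(response, "Invalid authentication token");
            return;
        }

        String username = credentials.substring(0, p).trim();
        // The password is passed through unmodified: trimming it would make the filter
        // accept a secret that differs from the one stored in the directory.
        String password = credentials.substring(p + 1);
        Credential credential = new UsernamePasswordCredential(username, new Password(password));

        // AuthenticationStatus status = sec.authenticate(request, response, AuthenticationParameters.withParams().credential(credential));
        CredentialValidationResult cred = store.validate(credential);
        if (!Status.VALID.equals(cred.getStatus())) {
            unauthorized(response, "Bad credentials");
            // Stop here: continuing to the chain would serve the protected resource
            // to a caller whose credentials were just rejected.
            return;
        }

        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Sends a {@code 401} response with a Basic challenge for realm {@code Test}.
     *
     * @param response response to write the challenge to
     * @param message  error message passed to {@code sendError}
     * @throws IOException if the error response cannot be sent
     */
    private void unauthorized(HttpServletResponse response, String message) throws IOException {
        response.setHeader("WWW-Authenticate", "Basic realm=\"Test\"");
        response.sendError(401, message);
    }

    /**
     * Sends a {@code 401} response with the default message {@code Unauthorized}.
     *
     * @param response response to write the challenge to
     * @throws IOException if the error response cannot be sent
     */
    private void unauthorized(HttpServletResponse response) throws IOException {
        unauthorized(response, "Unauthorized");
    }
}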
Thank you
Regards