LDAP Authentication with Core Spring LDAP

1. Introduction to LDAP

LDAP (Lightweight Directory Access Protocol) is an open, industrial standard application protocol for reading and editing distributed directories over the network. These directories contain a set of records in an organized hierarchical structure, similar to how a corporate email directory looks like or a telephone directory which has an alphabetic list of persons with their address and phone numbers. LDAP enables anyone to locate resources in a network, be it on a public internet or corporate intranet.

LDAP read operations are extremely fast than any other possible alternatives for user authentication and authorization.

Useful Links

2. LDAP test server details

Note that we will be using the test LDAP server provided by ForumSys for our demo.

Directory structure on the test LDAP server looks like:

LDAP test server directory structure - Core Spring LDAP

Let’s check out the users who are Mathematicians 

Test LDAP Server - mathematicians - Core Spring LDAP

3. Problem Statement

Based on the directory structure provided by the test LDAP server, in this post we will try to authenticate if the logged-in user is a member of a particular role AD group, which in our case would be ROLE_MathematiciansRead more details on the test LDAP server here

We can navigate, edit and maintain the LDAP server through Apache Directory Studio, which can also be installed as an Eclipse plugin.

4. Why LDAP authentication with Core Spring LDAP rather than what we did earlier with Spring Security?

No doubt, Spring Security provides us with the most standard and durable implementation to LDAP authentication, but with Core Spring LDAP, the approach becomes a bit ugly, yet gets better streamlined. The latter approach (with Core Spring LDAP) has been noticed to drastically improve the performance of your application when compared to that with Spring Security. Though it’s less advised to go with this approach, we still count it to be one of the alternative for improvement in the application’s performance.

5. Implementation

As for the implementation, below is the sample code how we could do it.

Note that the sample code below is just to direct your on the approach and should not be considered final.

Read carefully through the comments as well in the below code.

I believe this is something that you would find so clearly written elsewhere on the web. I am expecting to hear you thoughts to make this even better.

Receive our updates to your inbox

Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.