// LDAP config
grails.plugins.springsecurity.ldap.context.managerDn = 'domain\\ldapbind'
grails.plugins.springsecurity.ldap.context.managerPassword = 'password'
grails.plugins.springsecurity.ldap.context.server = 'ldap://domain:389/'
grails.plugins.springsecurity.ldap.authorities.ignorePartialResultException = true
grails.plugins.springsecurity.ldap.search.base = 'dc=domain'
grails.plugins.springsecurity.ldap.search.filter="sAMAccountName={0}"
grails.plugins.springsecurity.ldap.search.searchSubtree = true
grails.plugins.springsecurity.ldap.auth.hideUserNotFoundExceptions = false
grails.plugins.springsecurity.ldap.search.attributesToReturn = ['mail', 'displayName', 'title']
grails.plugins.springsecurity.providerNames = ['rememberMeAuthenticationProvider', 'daoAuthenticationProvider', 'ldapAuthProvider', 'anonymousAuthenticationProvider']
grails.plugins.springsecurity.ldap.useRememberMe = false
grails.plugins.springsecurity.ldap.authorities.retrieveGroupRoles = true
grails.plugins.springsecurity.ldap.authorities.retrieveDatabaseRoles = true
grails.plugins.springsecurity.ldap.authorities.groupSearchBase ='dc=domain'
grails.plugins.springsecurity.ldap.authorities.groupSearchFilter = 'member={0}'
//grails.plugins.springsecurity.ldap.authorities.groupSearchFilter = '(member:1.2.840.113556.1.4.1941:={0})'
grails.plugins.springsecurity.rememberMe.persistent = true
grails.plugins.springsecurity.rememberMe.persistentToken.domainClassName = 'security.PersistentLogin'
grails.plugins.springsecurity.ldap.rememberMe.detailsManager.groupMemberAttributeName = 'member'
grails.plugins.springsecurity.ldap.rememberMe.detailsManager.groupSearchBase = 'dc=domain'
grails.plugins.springsecurity.ldap.rememberMe.usernameMapper.userDnBase = 'domain'
grails.plugins.springsecurity.ldap.rememberMe.usernameMapper.usernameAttribute = 'cn'
grails.plugins.springsecurity.ldap.rememberMe.detailsManager.attributesToRetrieve = null
//grails.plugins.springsecurity.ldap.context.baseEnvironmentProperties = [ 'java.naming.ldap.factory.socket' : //'org.springframework.ldap.extras.ad.access.TolerantSSLSocketFactory' ]
grails.plugins.springsecurity.ldap.authorities.clean.uppercase = true
grails.plugins.springsecurity.cacheUsers = true
grails.plugins.springsecurity.apf.continueChainBeforeSuccessfulAuthentication = false
grails.plugins.springsecurity.apf.allowSessionCreation = false
grails.plugins.springsecurity.useSessionFixationPrevention = true
grails.plugins.springsecurity.rememberMe.alwaysRemember = true
grails.plugins.springsecurity.rememberMe.persistent = true
grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
grails.plugins.springsecurity.interceptUrlMap = [
'/user/**': ['ROLE_ADMIN'],
'/role/**': ['ROLE_ADMIN'],
'/registrationcode/**': ['ROLE_ADMIN'],
'/acl*/**': ['ROLE_ADMIN'],
'/securityinfo/usercache': ['ROLE_NO_ACCESS'],
'/security*/**': ['ROLE_ADMIN'],
'/processing*/**': ['ROLE_ADMIN'],
'/js/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/css/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/images/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/login/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/logout/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/*/**': ['IS_AUTHENTICATED_REMEMBERED']
]
piątek, września 13, 2013
Subskrybuj:
Komentarze do posta (Atom)
0 komentarze:
Prześlij komentarz