jakarta ee - How implement LDAP login in wildfly web app

Question

How to implement LDAP authentication in a Java EE WildFly app? Are there any examples?

I'm new to Java EE and need to write an app using LDAP and I'm stuck. I read a book about developing in WildFly but there was no information about LDAP there.

Answer 1

The following step of operation will have to be performed for authenticating your application using LDAP (assuming that LDAP is already setup).

Creating a new security domain in standalone.xml file.

<security-domain name="LDAPAuth">
  <authentication>
    <login-module code="LdapExtended" flag="required">
      <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
      <module-option name="java.naming.provider.url" value="ldap://localhost:389"/>
      <module-option name="java.naming.security.authentication" value="simple"/>
      <module-option name="bindDN" value="uid=admin,dc=acme,dc=com"/>
      <module-option name="bindCredential" value="secret"/>
      <module-option name="baseCtxDN" value="ou=People,dc=acme,dc=com"/>
      <module-option name="baseFilter" value="(uid={0})"/>
      <module-option name="rolesCtxDN" value="ou=Roles,dc=acme,dc=com"/>
      <module-option name="roleFilter" value="(member={1})"/>
      <module-option name="roleAttributeID" value="cn"/>
      <module-option name="searchScope" value="ONELEVEL_SCOPE"/>
      <module-option name="allowEmptyPasswords" value="true"/>
    </login-module>
  </authentication> 
</security-domain>

you will have to change the values accordingly

Now you will have to add the security context in your application's web.xml. Assuming that you only want users with user Role to login to your application then you can add something like this

    <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">

        <security-constraint>
            <web-resource-collection>
                <web-resource-name>HtmlAuth</web-resource-name>
                <description>application security constraints</description>
                <url-pattern>/*</url-pattern>
                <http-method>GET</http-method>
                <http-method>POST</http-method>
            </web-resource-collection>
            <auth-constraint>
                <role-name>Manager</role-name>
            </auth-constraint>
        </security-constraint>
        <login-config>
            <auth-method>BASIC</auth-method>
            <realm-name>LDAPAuth realm</realm-name>
        </login-config>
        <security-role>
            <role-name>user</role-name>
        </security-role>
    </web-app>

you will have to place a jboss-web.xml in your WEB-INF folder with the following content

    <jboss-web>
           <security-domain>java:/jaas/LDAPAuth</security-domain>
    </jboss-web>

you can find a wonderful tutorial on this subject here