Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Depending upon the version of active directory you're running you may need to specify a username/password for the ntlmProcessingFilter.
If you find authentication errors in the weave.log file after enabling integrated authentication then change the ntlmProcessingFilter to the following and set the appropriate username/password.

Code Block
xml
xml
titleSetting username/password for domain access
linenumberstruexml

	<bean id="ntlmProcessingFilter" class="org.acegisecurity.ui.ntlm.NtlmProcessingFilter">
		<property name="authenticationEntryPoint" ref="ntlmEntryPoint"/>
		<property name="authenticationManager" ref="ntlmAuthenticationManager"/>
		<property name="defaultDomain">
			<value>cohga.local</value>
		</property>
		<property name="domainController">
			<value>192.168.0.80</value>
		</property>
		<property name = "JCifsProperties">
			<map>
				<entry key="jcifs.smb.client.username">
					<value>username</value>
				</entry>
				<entry key="jcifs.smb.client.password">
					<value>password</value>
				</entry>
			</map>
		</property>
	</bean>

Additional properties that can effect the authentication process can be found here, where they can be set in the JCifsProperties section to alter the authentication process.

...

Image Added

Extended authentication example

...

It will also require editing of the ntlmProcessingFilter bean to at least set the correct defaultDomain and domainController.
It may also require changing the loadBalance property to set it to true (false is the default if it's not set).

...

Image Added

Getting roles from Active Directory (via LDAP)

...

The information setup in the ldapUserSearch, ldapAuthoritiesPopulator and initialDirContextFactory will at least need to updated to reflect your local settings.

...

Image Added