Bind authentication with the BindAuthenticator bean is the default behavior when configuring Spring Security for LDAP authentication. However, Spring Security provides an alternate authentication method based on password comparison:
| 1. | Use the administrator credentials in the ldapContextSource bean to log into the LDAP server. |
| 2. | Find a candidate user entry. |
| 3. | Retrieve the candidate’s password attribute and compare it to the login password, or send the login password for comparison by the LDAP server. |
The alternate authentication method is implemented by Spring Security in the PasswordComparisonAuthenticator class. Configuring Spring Security with this class is beyond the scope of this documentation. For more information, see the Spring Security documentation and Javadoc.
Recommended Comments
There are no comments to display.