Understanding LDAP through the Spring Boot

1. What LDAP is?

Luiz Gustavo De O. Costa
4 min readMar 8, 2022

From Okta, this is the definition “Companies store usernames, passwords, email addresses, printer connections, and other static data within directories. LDAP is an open, vendor-neutral application protocol for accessing and maintaining that data. LDAP can also tackle authentication, so users can sign on just once and access many different files on the server.

2. What is AD?

AD is the acronym for Active Directory. AD is a directory services implementation that provides all sorts of functionality like authentication, group and user management, policy administration and more.

3. Are AD and LDAP the same thing?

No, link to the reference here.

LDAP is a protocol that many different directory services and access management solutions can understand, for instance:

  • HTTP is a web protocol.
  • Apache is a web server that uses the HTTP protocol.
  • LDAP is a directory services protocol.
  • Active Directory is a directory server that uses the LDAP protocol.

4. Hands on

4.1 Diagram from okta.com

LDAP process — from https://www.okta.com/identity-101/what-is-ldap/

4.2. Example

The straightforward way to run using LDAP is through a SpringBoot application.

This is the receipt. Go to the guide and run the example 😉

4.3 Why use the LDAP as a file?

Instead of using a server to provide the data, is more likely using a file, it’s the same approach to use an in-memory database instead of a SQL Server instance to test.

Before we continue, let’s understand the acronym. This is the reference for https://en.wikipedia.org/wiki/LDAP_Data_Interchange_Format

dn - Distinguished name
dc - Domain component
ou - Organization unit
cn - Common name

The password below is encrypted and to log in use benspassword

dn: dc=springframework,dc=org
objectclass: top
objectclass: domain
objectclass: extensibleObject
dc: springframework

dn: ou=groups,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: groups

dn: ou=people,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: people

dn: uid=ben,ou=people,dc=springframework,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Ben Alex
sn: Alex
uid: ben
userPassword: $2a$10$c6bSeWPhg06xB1lvmaWNNe4NROmZiSpYhlocU/98HNr2MhIOiSt36

4.4. Spring Boot

This WebSecurityConfig class is responsible for guaranteeing the login via LDAP. The method configurewill read the file and compare the input sent by the user versus the LDAP.

For more details, check out the Spring article.

WebSecurityConfig class

4.5. Up and running

After start the application, go to http://localhost:8080/movies and the login page will be shown. Fill the data using, ben and benspassword and hit the Sign In button.

Sign In page
Return of Movies

5. What’s next?

The next will be a React application + Spring boot application work together, yes, I’m not a good front end developer but I’m really working hard for it.

Same user and pass
List of movies using React — WIP

6. References

--

--

Luiz Gustavo De O. Costa
Luiz Gustavo De O. Costa

Written by Luiz Gustavo De O. Costa

Hey friend!! I’m Luiz Gustavo, a Java developer and I’m here to learn and write about Java, tests and good practices

No responses yet