Home/ Questions/Q 626183
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T19:23:26+00:00

I was trying out spring-security for a sample web application. When declaring the LDAPAuthenticationProvider,

  • 0

I was trying out spring-security for a sample web application. When declaring the LDAPAuthenticationProvider, I noticed that you have to declare all your settings with in the applicationContext.xml file!

As a spring newbie, I do understand that one would have to declare dependecies in the applicationContext file. However, in a typical enterprise scenario, you would have an admin configure your ldap settings. So, you would need to load ldap server related information from a database into your application and then connect to the configured server. If this were the scenario, how do I handle this in Spring?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can have the properties in an external, properties file, in the form:

    ldapUsername=value1
ldapPassword=value2

    And in the beginning of you applicationContext.xml put the following:

    <context:property-placeholder location="classpath:application.properties" />

    then you can use them in the following manner:

    <bean id="someId" class="...">
   <property name="ldapUsername" value="${ldapUsername}" />
   <property name="ldapPassword" value="${ldapPassword}" /> 
</bean>

    Thus your admin will configure the properties in the simple file application.properties without the need to look at the complex applicationContext.xml

    If you want them fetched from a different source than a properties file, you can extend spring’s PropertyPlaceholderConfigurer and provide the functionality to fetch the properties from a DB.

    This answer to a question similar to yours shows an example of how to implement such.

    Update in order to have your values injected at runtime, you will have to define your beans to be of scope prototype. Otherwise, once instantiated (wiht the initial settings), your beans will never change. However that is quite a big change for such simple effects. That’s why I’d suggest the following:

    1. Create a (password-protected) UI where the administrator can fill his settings (or at least press a button “I changed the settings”

    2. on pressing the button update the settings/reload the settings from the database and set them in your singleton bean.

    Since you are using spring-mvc, you can simply inject your bean in a spring controller and update the settings. Like:

    public class MyController {
    @Autowired
    private LDAPAuthenticationProvider ldapProvider;

    public void saveSettings(..) {
         // get the new username and password first
         ldapProvider.setUsername(newUsername);
         ldapProvider.setPassword(newPassword);
    }
}

    (if you don’t want to use annotations, just use <property name="ldapProvider" ref="ldapProvider" /> in your controller definition)

    The LDAPAuthenticationProvider doesn’t seem to have setUsername and setPassword, so find how exactly are the credentials set.

    • 0