LdapConfiguration.java

package de.otto.edison.authentication.configuration;

import de.otto.edison.authentication.LdapAuthenticationFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * Configuration for LDAP authentication. Secures specific endpoints according to the {@code edison.ldap} configuration
 * as given in {@link LdapProperties}}.
 */
@Configuration
@EnableConfigurationProperties(LdapProperties.class)
@ConditionalOnProperty(prefix = "edison.ldap", name = "enabled", havingValue = "true")
@ConditionalOnMissingBean(name = "authenticationFilter")
public class LdapConfiguration {

    /**
     * Add an authentication filter to the web application context if edison.ldap property is set to {@code enabled}'.
     * All routes starting with the value of the {@code edison.ldap.prefix} property will be secured by LDAP. If no
     * property is set this will default to all routes starting with '/internal'.
     */
    @Bean
    public FilterRegistrationBean authenticationFilter(final @Value("${edison.ldap.prefix:/internal}") String prefix,
                                                       final LdapProperties ldapProperties) {
        FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
        filterRegistration.setFilter(new LdapAuthenticationFilter(ldapProperties));
        filterRegistration.addUrlPatterns(String.format("%s/*", prefix));
        return filterRegistration;
    }
}