Open-MBEE · HuiJun · Feb 10, 2021 · Feb 10, 2021 · Feb 10, 2021 · Feb 10, 2021
diff --git a/example/example.gradle b/example/example.gradle
@@ -17,6 +17,7 @@ dependencies {
     implementation(
         project(':authenticator'),
         project(':localuser'),
+        project(':ldap'),
         project(':cameo'),
         project(':elastic'),
         project(':jupyter'),

diff --git a/example/src/main/resources/application-test.properties b/example/src/main/resources/application-test.properties
@@ -11,6 +11,7 @@ jwt.header=Authorization
 rdb.project.prefix=mms
 
 # See ldap module for example configuration
+ldap.enabled=false
 ldap.provider.base=ou=something,dc=openmbee,dc=org
 ldap.provider.url=ldaps://ldap.openmbee.org/${ldap.provider.base}
 ldap.provider.userdn=

diff --git a/ldap/src/main/java/org/openmbee/mms/ldap/LdapCondition.java b/ldap/src/main/java/org/openmbee/mms/ldap/LdapCondition.java
@@ -0,0 +1,14 @@
+package org.openmbee.mms.ldap;
+
+import org.springframework.context.annotation.Condition;
+import org.springframework.context.annotation.ConditionContext;
+import org.springframework.core.env.Environment;
+import org.springframework.core.type.AnnotatedTypeMetadata;
+
+public class LdapCondition implements Condition {
+    @Override
+    public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) {
+        Environment env = context.getEnvironment();
+        return "true".equals(env.getProperty("ldap.enabled"));
+    }
+}
diff --git a/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java b/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java
@@ -13,6 +13,7 @@
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Conditional;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
@@ -27,39 +28,40 @@
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 
 @Configuration
+@Conditional(LdapCondition.class)
 @EnableTransactionManagement
 public class LdapSecurityConfig {
 
     private static Logger logger = LoggerFactory.getLogger(LdapSecurityConfig.class);
 
-    @Value("${ldap.provider.url}")
+    @Value("${ldap.provider.url:#{null}}")
     private String providerUrl;
 
-    @Value("${ldap.provider.userdn}")
+    @Value("${ldap.provider.userdn:#{null}}")
     private String providerUserDn;
 
-    @Value("${ldap.provider.password}")
+    @Value("${ldap.provider.password:#{null}}")
     private String providerPassword;
 
-    @Value("${ldap.provider.base}")
+    @Value("${ldap.provider.base:#{null}")
     private String providerBase;
 
-    @Value("${ldap.user.dn.pattern}")
+    @Value("${ldap.user.dn.pattern:uid={0}}")
     private String userDnPattern;
 
-    @Value("${ldap.user.attributes.username}")
+    @Value("${ldap.user.attributes.username:uid}")
     private String userAttributesUsername;
 
-    @Value("${ldap.user.attributes.email}")
+    @Value("${ldap.user.attributes.email:mail}")
     private String userAttributesEmail;
 
-    @Value("${ldap.group.search.base}")
+    @Value("${ldap.group.search.base:#{''}}")
     private String groupSearchBase;
 
-    @Value("${ldap.group.role.attribute}")
+    @Value("${ldap.group.role.attribute:cn}")
     private String groupRoleAttribute;
 
-    @Value("${ldap.group.search.filter}")
+    @Value("${ldap.group.search.filter:(uniqueMember={0})}")
     private String groupSearchFilter;
 
     private UserRepository userRepository;
@@ -79,17 +81,19 @@ public void setGroupRepository(GroupRepository groupRepository) {
     public void configureLdapAuth(AuthenticationManagerBuilder auth,
         LdapAuthoritiesPopulator ldapAuthoritiesPopulator, @Qualifier("contextSource") BaseLdapPathContextSource contextSource)
         throws Exception {
-        logger.debug("LDAP IS HAPPENING!!!");
+        if (providerUrl != null) {
+            logger.info("LDAP Module is loading...");
         /*
             see this article : https://spring.io/guides/gs/authenticating-ldap/
             We  redefine our own LdapAuthoritiesPopulator which need ContextSource().
             We need to delegate the creation of the contextSource out of the builder-configuration.
         */
-        auth.ldapAuthentication().userDnPatterns(userDnPattern).groupSearchBase(groupSearchBase)
-            .groupRoleAttribute(groupRoleAttribute).groupSearchFilter(groupSearchFilter)
-            .rolePrefix("")
-            .ldapAuthoritiesPopulator(ldapAuthoritiesPopulator)
-            .contextSource(contextSource);
+            auth.ldapAuthentication().userDnPatterns(userDnPattern).groupSearchBase(groupSearchBase)
+                .groupRoleAttribute(groupRoleAttribute).groupSearchFilter(groupSearchFilter)
+                .rolePrefix("")
+                .ldapAuthoritiesPopulator(ldapAuthoritiesPopulator)
+                .contextSource(contextSource);
+        }
     }
 
     @Bean

diff --git a/ldap/src/main/resources/application.properties.example b/ldap/src/main/resources/application.properties.example
@@ -1,3 +1,4 @@
+ldap.enabled=false
 ldap.provider.base=ou=something,dc=openmbee,dc=org
 ldap.provider.url=ldaps://ldap.openmbee.org/${ldap.provider.base}
 ldap.provider.userdn=