diff --git a/publish-service/pom.xml b/publish-service/pom.xml
index e9c90a4c..9a08b998 100644
--- a/publish-service/pom.xml
+++ b/publish-service/pom.xml
@@ -36,6 +36,16 @@
+
+ net.sf.ehcache
+ ehcache
+ 2.10.6
+
+
+ org.springframework.boot
+ spring-boot-starter-cache
+ ${springboot.version}
+
org.springframework.boot
spring-boot-starter-actuator
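Review bot: The `ehcache` 2.10.6 dependency added here does not appear to be used by this commit. `CacheConfig` declares its own `CacheManager` bean (`ConcurrentMapCacheManager`), and Spring Boot's cache auto-configuration backs off when such a bean exists, so `spring.cache.type=ehcache` in the application.properties hunk would have no effect. That leaves an extra third-party library on the classpath with no function, while the cache that actually holds user details has no expiry. Either drop this dependency together with `spring.cache.type=ehcache`, or remove the `cacheManager()` bean and ship an Ehcache configuration that bounds the cache with `timeToLiveSeconds` and `maxEntriesLocalHeap`.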
diff --git a/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/CacheConfig.java b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/CacheConfig.java
new file mode 100644
index 00000000..15258416
--- /dev/null
+++ b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/CacheConfig.java
@@ -0,0 +1,18 @@
+package com.ericsson.eiffel.remrem.publish.config;
+
+import org.springframework.cache.CacheManager;
+import org.springframework.cache.annotation.EnableCaching;
+import org.springframework.cache.concurrent.ConcurrentMapCacheManager;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+@EnableCaching
+public class CacheConfig {
+
+ @Bean
+ public CacheManager cacheManager() {
+ return new ConcurrentMapCacheManager(new String[]{"ldapUserDetailsCache"});
+ }
+
+}
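Review bot: `ConcurrentMapCacheManager` never expires or evicts entries, so a `UserDetails` object placed in `ldapUserDetailsCache` stays there until the service restarts. For an authentication cache this means a disabled LDAP account, a changed password or a removed group membership would not be reflected, and the map grows with every distinct username. Use a cache manager with a time-to-live and a size bound, and document the staleness window on the bean, e.g. `// Entries hold security principals; they must expire so LDAP revocations take effect`. As a smaller point, `new ConcurrentMapCacheManager("ldapUserDetailsCache")` is enough, since the constructor takes varargs.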
diff --git a/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/CustomLdapUserDetailsService.java b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/CustomLdapUserDetailsService.java
new file mode 100644
index 00000000..cfbc5a42
--- /dev/null
+++ b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/CustomLdapUserDetailsService.java
@@ -0,0 +1,99 @@
+package com.ericsson.eiffel.remrem.publish.config;
+
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.cache.Cache;
+import org.springframework.cache.CacheManager;
+import org.springframework.cache.annotation.Cacheable;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import ch.qos.logback.classic.Logger;
+
+@Service
+public class CustomLdapUserDetailsService implements UserDetailsService{
+
+
+ @Value("${activedirectory.rootDn}")
+ private String rootDn;
+
+ @Autowired
+ private LdapTemplate ldapTemplate;
+
+ @Autowired
+ private CacheManager cacheManager;
+
+ private Logger log = (Logger) LoggerFactory.getLogger(CustomLdapUserDetailsService.class);
+
+ @Cacheable(value = "ldapUserDetailsCache", key = "#username")
+ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+ Cache cache = cacheManager.getCache("ldapUserDetailsCache");
+ if (cache != null && cache.get(username) != null) {
+ return cache.get(username, UserDetails.class);
+ } else {
+ log.info("---------------------at 41--------------");
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ UserDetails userDetails = (UserDetails) authentication.getPrincipal();
+ String username1 = userDetails.getUsername();
+ String password = userDetails.getPassword();
+ log.info("------------ at 46------------" + username+" "+ password);
+ log.info("------------------------- 47----------- "+ userDetails);
+ cacheManager.getCache("ldapUserDetailsCache").put(username, userDetails);
+ return userDetails;
+ }
+ }
+
+ /*
+ * private UserDetails mapToUserDetails(Attributes attributes) { // Extract and map attributes
+ * to UserDetails object // Example: String username = null;
+ * log.info("--------------- at 65----------------- "); try { username =
+ * attributes.get("sAMAccountName").get().toString(); } catch(NamingException e) {
+ *
+ * } // System.out.println("------------------------ at 56 ------------- "+ username); // String
+ * password = attributes.get("userPassword").get().toString(); // ...
+ *
+ * // Create and return UserDetails object // Example: return User.withUsername(username) //
+ * .password(password) .roles("USER") .build();
+ *
+ * // Implement attribute extraction and UserDetails creation logic based on your LDAP schema //
+ * return null; }
+ */
+
+ /*
+ * @Override public UserDetails loadUserByUsername(String username) throws
+ * UsernameNotFoundException { Cache cache = cacheManager.getCache("ldapUserDetailsCache"); if
+ * (cache != null && cache.get(username) != null) { return cache.get(username,
+ * UserDetails.class); } else { Authentication authentication =
+ * SecurityContextHolder.getContext().getAuthentication(); String authenticatedUsername =
+ * authentication.getName();
+ *
+ * UserDetails userDetails = getUserDetailsByUsername(authenticatedUsername);
+ *
+ * cache.put(authenticatedUsername, userDetails);
+ *
+ * return userDetails;
+ *
+ * // throw new UsernameNotFoundException("User not found"); } } public UserDetails
+ * getUserDetailsByUsername(String username) { // Assuming 'cn' is the attribute for the
+ * username in LDAP String ldapQuery = "(cn=" + username + ")";
+ *
+ * try { return ldapTemplate.search( "", // Base DN for the search ldapQuery, // LDAP filter
+ * (AttributesMapper) attributes -> { // Map LDAP attributes to UserDetails object
+ * // Example mapping; adapt based on your LDAP schema String ldapUsername =
+ * attributes.get("cn").get().toString(); // String ldapPassword = ""; // Fetch password
+ * attribute // Other attribute mappings as needed
+ *
+ * return org.springframework.security.core.userdetails.User .withUsername(ldapUsername) //
+ * .password(ldapPassword) .roles("USER") // Set user roles based on LDAP attributes // Other
+ * attribute settings as needed .build(); }).stream().findFirst().orElse(null); // Fetch the
+ * first matching entry } catch (Exception e) { throw new
+ * UsernameNotFoundException("User not found");
+ */
+
+}
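Review bot: `loadUserByUsername` writes the user's password to the application log at INFO level (`log.info("------------ at 46------------" + username+" "+ password)`), and the next line logs the whole `UserDetails`; both should be removed, along with the other positional debug lines. The method also ignores its `username` argument: it returns whatever principal is currently in `SecurityContextHolder` and stores it under the requested key, so one user's details can be cached under another name, and a missing authentication or a non-`UserDetails` principal ends in a `NullPointerException` or `ClassCastException` rather than `UsernameNotFoundException`. `@Cacheable` already performs the lookup and the store, so the manual `cacheManager.getCache(...)` calls are redundant. The commented-out `getUserDetailsByUsername` builds its filter as `"(cn=" + username + ")"`; if that code is revived the value must be escaped (Spring LDAP provides `LdapEncoder.filterEncode`), and otherwise the dead blocks and the unused `ldapTemplate`/`rootDn` fields should be deleted. The fence below shows the method with these points addressed; whether a `UserDetailsService` should depend on the security context at all is a design question for the author.

```java
@Override
@Cacheable(value = "ldapUserDetailsCache", key = "#username")
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null || !(authentication.getPrincipal() instanceof UserDetails)) {
        throw new UsernameNotFoundException("No authenticated principal available");
    }
    UserDetails userDetails = (UserDetails) authentication.getPrincipal();
    // Only return (and let @Cacheable store) details that belong to the requested user.
    if (!userDetails.getUsername().equals(username)) {
        throw new UsernameNotFoundException("User not found");
    }
    // No credentials or principal objects in log output.
    log.debug("Resolved user details from the current security context");
    return userDetails;
}
```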
diff --git a/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/SecurityConfig.java b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/SecurityConfig.java
index ab4fe376..d4f60995 100644
--- a/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/SecurityConfig.java
+++ b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/SecurityConfig.java
@@ -21,6 +21,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
@@ -29,6 +30,7 @@
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
/**
* This class is used to enable the ldap authentication based on property
@@ -70,7 +72,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
public Integer getTimeOut() {
return ldapTimeOut;
}
-
+//
+ @Autowired
+ private CustomLdapUserDetailsService customLdapUserDetailsService;
+
@Autowired
private CustomAuthenticationEntryPoint customAuthenticationEntryPoint;
@@ -82,11 +87,25 @@ protected void configureGlobal(AuthenticationManagerBuilder auth) throws Excepti
managerPassword.substring(1, managerPassword.length() - 1), jasyptKey);
}
LOGGER.debug("LDAP server url: " + ldapUrl);
- auth.ldapAuthentication()
+ auth
+ .userDetailsService(customLdapUserDetailsService)
+ .and()
+ .ldapAuthentication()
.userSearchFilter(userSearchFilter)
.contextSource(ldapContextSource());
}
+
+// @Override
+// protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+// auth.userDetailsService(customLdapUserDetailsService); }
+
+
+// @Bean
+// public UserDetailsService userDetailsService() {
+// return new CustomLdapUserDetailsService();
+// }
+
public BaseLdapPathContextSource ldapContextSource() {
LdapContextSource ldap = new LdapContextSource();
ldap.setUrl(ldapUrl);
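Review bot: Chaining `.userDetailsService(customLdapUserDetailsService)` before `.ldapAuthentication()` registers an additional authentication path next to the LDAP one, apparently consulted first, and no `passwordEncoder` is set on it in the visible lines. Because that service returns cached `UserDetails`, a login could be decided against a cached password instead of the directory whenever `getPassword()` is populated; whether it is depends on the LDAP mapping, which is not shown. Please state the intended order in a comment such as `// cached details are tried first; LDAP bind remains the authority for credentials` and confirm that a cached entry can never satisfy a credential check on its own. The commented-out `configure` and `userDetailsService()` blocks added below should be removed rather than committed. `configureGlobal` starts above this hunk.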
@@ -112,5 +131,16 @@ protected void configure(HttpSecurity http) throws Exception {
.and()
.csrf()
.disable();
+// .sessionManagement()
+// .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) // Create session if required
+// .sessionFixation().migrateSession() // Migrate session to prevent fixation attacks
+// .maximumSessions(1) // Allow only one session per user
+// .maxSessionsPreventsLogin(false) // Allows multiple logins for the same user
+// .expiredUrl("/login?expired") // Redirect to this URL on session expiration
+// .and()
+// .and()
+// .logout()
+// .invalidateHttpSession(true)
+// .deleteCookies("JSESSIONID");
}
}
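Review bot: The session-management and logout block is added as commented-out code after the statement's terminating `;`, so it changes nothing at runtime while suggesting that session-fixation protection and logout cleanup are configured here. Its inline comments also disagree with each other: `maximumSessions(1)` is described as one session per user, while `maxSessionsPreventsLogin(false)` is described as allowing multiple logins for the same user. Either enable the block as real configuration and test it, or delete it and track the work in an issue. `configure(HttpSecurity)` starts above this hunk.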
diff --git a/publish-service/src/main/resources/application.properties b/publish-service/src/main/resources/application.properties
index e23c39f0..11f634eb 100644
--- a/publish-service/src/main/resources/application.properties
+++ b/publish-service/src/main/resources/application.properties
@@ -4,6 +4,12 @@ debug: false
spring.mvc.pathmatch.matching-strategy=ANT_PATH_MATCHER
+# Cache names
+spring.cache.cache-names=ldapUserDetailsCache
+
+# Ehcache specific settings
+spring.cache.type=ehcache
+
#Logging configurations
logging.level.root: INFO
logging.level.org.springframework.web: INFO