Letractively / webpasswordsafe

Automatically exported from code.google.com/p/webpasswordsafe
0 stars 0 forks source link

ldap authentication issues #93

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1.This instance runs fine with local authentication
2.Attempting to connect to client with ldap authentication
3.

What is the expected output? What do you see instead?
failed connection to wps client, tomcat log java errors:

2013-08-13 11:21:37,730 INFO  [localhost-startStop-15]: Root 
WebApplicationContext: initialization started
2013-08-13 11:21:37,786 INFO  [localhost-startStop-15]: Refreshing Root 
WebApplicationContext: startup date [Tue Aug 13 11:21:37 CDT 2013]; root of 
context hierarchy
2013-08-13 11:21:37,825 INFO  [localhost-startStop-15]: Loading XML bean 
definitions from ServletContext resource [/WEB-INF/webpasswordsafe-service.xml]
2013-08-13 11:21:37,927 INFO  [localhost-startStop-15]: Loading XML bean 
definitions from ServletContext resource [/WEB-INF/webpasswordsafe-data.xml]
2013-08-13 11:21:37,964 INFO  [localhost-startStop-15]: Loading XML bean 
definitions from ServletContext resource [/WEB-INF/webpasswordsafe-reports.xml]
2013-08-13 11:21:37,997 INFO  [localhost-startStop-15]: Loading XML bean 
definitions from ServletContext resource [/WEB-INF/webpasswordsafe-rest.xml]
2013-08-13 11:21:38,296 INFO  [localhost-startStop-15]: Loading properties file 
from ServletContext resource [/WEB-INF/jdbc.properties]
2013-08-13 11:21:38,296 INFO  [localhost-startStop-15]: Loading properties file 
from ServletContext resource [/WEB-INF/encryption.properties]
2013-08-13 11:21:38,365 INFO  [localhost-startStop-15]: Pre-instantiating 
singletons in 
org.springframework.beans.factory.support.DefaultListableBeanFactory@318eec0c: 
defining beans 
[loginService,passwordService,userService,org.springframework.context.annotation
.internalConfigurationAnnotationProcessor,org.springframework.context.annotation
.internalAutowiredAnnotationProcessor,org.springframework.context.annotation.int
ernalRequiredAnnotationProcessor,org.springframework.context.annotation.internal
CommonAnnotationProcessor,org.springframework.context.annotation.internalPersist
enceAnnotationProcessor,passwordGenerator,authenticator,userLockoutAuthenticator
,localAuthenticator,multiAuthenticator,demoAuthenticator,authnContextSource,auth
nLdapTemplate,ldapAuthenticator,rsaAuthenticator,roleRetriever,authorizer,auditL
oggerLog4j,auditLoggerDatabase,auditLogger,digester,passwordEncryptor,encryptor,
bcProvider,strongEncryptor,org.springframework.beans.factory.config.PropertyPlac
eholderConfigurer#0,dataSource,sessionFactory,proxyStore,persistenceUtil,persist
entBeanManager,passwordAccessAuditDAO,groupDAO,ipLockoutDAO,tagDAO,auditLogDAO,t
emplateDAO,userLockoutDAO,userDAO,passwordDAO,org.springframework.aop.config.int
ernalAutoProxyCreator,org.springframework.transaction.annotation.AnnotationTrans
actionAttributeSource#0,org.springframework.transaction.interceptor.TransactionI
nterceptor#0,org.springframework.transaction.config.internalTransactionAdvisor,t
ransactionManager,reportConfig,passwordController,org.springframework.web.servle
t.mvc.method.annotation.RequestMappingHandlerMapping#0,org.springframework.forma
t.support.FormattingConversionServiceFactoryBean#0,org.springframework.web.servl
et.mvc.method.annotation.RequestMappingHandlerAdapter#0,org.springframework.web.
servlet.handler.MappedInterceptor#0,org.springframework.web.servlet.mvc.method.a
nnotation.ExceptionHandlerExceptionResolver#0,org.springframework.web.servlet.mv
c.annotation.ResponseStatusExceptionResolver#0,org.springframework.web.servlet.m
vc.support.DefaultHandlerExceptionResolver#0,org.springframework.web.servlet.han
dler.BeanNameUrlHandlerMapping,org.springframework.web.servlet.mvc.HttpRequestHa
ndlerAdapter,org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter,
org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping#0
,org.springframework.web.servlet.view.json.MappingJacksonJsonView#0,org.springfr
amework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter#0,jsonMessageC
onverter,org.springframework.context.annotation.ConfigurationClassPostProcessor$
ImportAwareBeanPostProcessor#0]; root of factory hierarchy
2013-08-13 11:21:38,418 INFO  [localhost-startStop-15]: Destroying singletons 
in 
org.springframework.beans.factory.support.DefaultListableBeanFactory@318eec0c: 
defining beans 
[loginService,passwordService,userService,org.springframework.context.annotation
.internalConfigurationAnnotationProcessor,org.springframework.context.annotation
.internalAutowiredAnnotationProcessor,org.springframework.context.annotation.int
ernalRequiredAnnotationProcessor,org.springframework.context.annotation.internal
CommonAnnotationProcessor,org.springframework.context.annotation.internalPersist
enceAnnotationProcessor,passwordGenerator,authenticator,userLockoutAuthenticator
,localAuthenticator,multiAuthenticator,demoAuthenticator,authnContextSource,auth
nLdapTemplate,ldapAuthenticator,rsaAuthenticator,roleRetriever,authorizer,auditL
oggerLog4j,auditLoggerDatabase,auditLogger,digester,passwordEncryptor,encryptor,
bcProvider,strongEncryptor,org.springframework.beans.factory.config.PropertyPlac
eholderConfigurer#0,dataSource,sessionFactory,proxyStore,persistenceUtil,persist
entBeanManager,passwordAccessAuditDAO,groupDAO,ipLockoutDAO,tagDAO,auditLogDAO,t
emplateDAO,userLockoutDAO,userDAO,passwordDAO,org.springframework.aop.config.int
ernalAutoProxyCreator,org.springframework.transaction.annotation.AnnotationTrans
actionAttributeSource#0,org.springframework.transaction.interceptor.TransactionI
nterceptor#0,org.springframework.transaction.config.internalTransactionAdvisor,t
ransactionManager,reportConfig,passwordController,org.springframework.web.servle
t.mvc.method.annotation.RequestMappingHandlerMapping#0,org.springframework.forma
t.support.FormattingConversionServiceFactoryBean#0,org.springframework.web.servl
et.mvc.method.annotation.RequestMappingHandlerAdapter#0,org.springframework.web.
servlet.handler.MappedInterceptor#0,org.springframework.web.servlet.mvc.method.a
nnotation.ExceptionHandlerExceptionResolver#0,org.springframework.web.servlet.mv
c.annotation.ResponseStatusExceptionResolver#0,org.springframework.web.servlet.m
vc.support.DefaultHandlerExceptionResolver#0,org.springframework.web.servlet.han
dler.BeanNameUrlHandlerMapping,org.springframework.web.servlet.mvc.HttpRequestHa
ndlerAdapter,org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter,
org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping#0
,org.springframework.web.servlet.view.json.MappingJacksonJsonView#0,org.springfr
amework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter#0,jsonMessageC
onverter,org.springframework.context.annotation.ConfigurationClassPostProcessor$
ImportAwareBeanPostProcessor#0]; root of factory hierarchy
2013-08-13 11:21:38,429 ERROR [localhost-startStop-15]: Context initialization 
failed
org.springframework.beans.factory.BeanCreationException: Error creating bean 
with name 'loginService': Injection of resource dependencies failed; nested 
exception is org.springframework.beans.factory.BeanCreationException: Error 
creating bean with name 'authenticator': Injection of resource dependencies 
failed; nested exception is 
org.springframework.beans.factory.BeanCreationException: Error creating bean 
with name 'ipLockoutDAO': Injection of autowired dependencies failed; nested 
exception is org.springframework.beans.factory.BeanCreationException: Could not 
autowire field: private org.hibernate.SessionFactory 
net.webpasswordsafe.server.dao.GenericHibernateDAO.sessionFactory; nested 
exception is org.springframework.beans.factory.CannotLoadBeanClassException: 
Cannot find class 
[net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator] for 
bean with name 'rsaAuthenticator' defined in ServletContext resource 
[/WEB-INF/webpasswordsafe-service.xml]; nested exception is 
java.lang.ClassNotFoundException: 
net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessPropertyValues(CommonAnnotationBeanPostProcessor.java:306)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1106)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:193)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:585)
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:913)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:464)
    at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:384)
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:283)
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4939)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5434)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:633)
    at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:976)
    at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1653)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
    at java.util.concurrent.FutureTask.run(FutureTask.java:166)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:679)
Caused by: org.springframework.beans.factory.BeanCreationException: Error 
creating bean with name 'authenticator': Injection of resource dependencies 
failed; nested exception is 
org.springframework.beans.factory.BeanCreationException: Error creating bean 
with name 'ipLockoutDAO': Injection of autowired dependencies failed; nested 
exception is org.springframework.beans.factory.BeanCreationException: Could not 
autowire field: private org.hibernate.SessionFactory 
net.webpasswordsafe.server.dao.GenericHibernateDAO.sessionFactory; nested 
exception is org.springframework.beans.factory.CannotLoadBeanClassException: 
Cannot find class 
[net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator] for 
bean with name 'rsaAuthenticator' defined in ServletContext resource 
[/WEB-INF/webpasswordsafe-service.xml]; nested exception is 
java.lang.ClassNotFoundException: 
net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessPropertyValues(CommonAnnotationBeanPostProcessor.java:306)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1106)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.autowireResource(CommonAnnotationBeanPostProcessor.java:442)
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.getResource(CommonAnnotationBeanPostProcessor.java:416)
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor$ResourceElement.getResourceToInject(CommonAnnotationBeanPostProcessor.java:549)
    at org.springframework.beans.factory.annotation.InjectionMetadata$InjectedElement.inject(InjectionMetadata.java:150)
    at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87)
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessPropertyValues(CommonAnnotationBeanPostProcessor.java:303)
    ... 27 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error 
creating bean with name 'ipLockoutDAO': Injection of autowired dependencies 
failed; nested exception is 
org.springframework.beans.factory.BeanCreationException: Could not autowire 
field: private org.hibernate.SessionFactory 
net.webpasswordsafe.server.dao.GenericHibernateDAO.sessionFactory; nested 
exception is org.springframework.beans.factory.CannotLoadBeanClassException: 
Cannot find class 
[net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator] for 
bean with name 'rsaAuthenticator' defined in ServletContext resource 
[/WEB-INF/webpasswordsafe-service.xml]; nested exception is 
java.lang.ClassNotFoundException: 
net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator
    at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:287)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1106)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:294)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:225)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:291)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.autowireResource(CommonAnnotationBeanPostProcessor.java:442)
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.getResource(CommonAnnotationBeanPostProcessor.java:416)
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor$ResourceElement.getResourceToInject(CommonAnnotationBeanPostProcessor.java:549)
    at org.springframework.beans.factory.annotation.InjectionMetadata$InjectedElement.inject(InjectionMetadata.java:150)
    at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87)
    at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessPropertyValues(CommonAnnotationBeanPostProcessor.java:303)
    ... 40 more
Caused by: org.springframework.beans.factory.BeanCreationException: Could not 
autowire field: private org.hibernate.SessionFactory 
net.webpasswordsafe.server.dao.GenericHibernateDAO.sessionFactory; nested 
exception is org.springframework.beans.factory.CannotLoadBeanClassException: 
Cannot find class 
[net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator] for 
bean with name 'rsaAuthenticator' defined in ServletContext resource 
[/WEB-INF/webpasswordsafe-service.xml]; nested exception is 
java.lang.ClassNotFoundException: 
net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator
    at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:506)
    at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87)
    at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:284)
    ... 53 more
Caused by: org.springframework.beans.factory.CannotLoadBeanClassException: 
Cannot find class 
[net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator] for 
bean with name 'rsaAuthenticator' defined in ServletContext resource 
[/WEB-INF/webpasswordsafe-service.xml]; nested exception is 
java.lang.ClassNotFoundException: 
net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator
    at org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1262)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.predictBeanType(AbstractAutowireCapableBeanFactory.java:576)
    at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:1331)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanNamesForType(DefaultListableBeanFactory.java:317)
    at org.springframework.beans.factory.BeanFactoryUtils.beanNamesForTypeIncludingAncestors(BeanFactoryUtils.java:185)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.findAutowireCandidates(DefaultListableBeanFactory.java:833)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:790)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:707)
    at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:478)
    ... 55 more
Caused by: java.lang.ClassNotFoundException: 
net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator
    at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1714)
    at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1559)
    at org.springframework.util.ClassUtils.forName(ClassUtils.java:258)
    at org.springframework.beans.factory.support.AbstractBeanDefinition.resolveBeanClass(AbstractBeanDefinition.java:417)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doResolveBeanClass(AbstractBeanFactory.java:1283)
    at org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1254)
    ... 63 more

What version of the product are you using? On what operating system?
webpasswordsafe version 1.3/centos 6

Please provide any additional information below.
here is the contents of webpasswordsafe-service.xml

<?xml version="1.0" encoding="UTF-8"?>
<!--
    Copyright 2008-2013 Josh Drummond

    This file is part of WebPasswordSafe.

    WebPasswordSafe is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    WebPasswordSafe is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with WebPasswordSafe; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-->
<beans xmlns="http://www.springframework.org/schema/beans"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns:context="http://www.springframework.org/schema/context"
     xsi:schemaLocation="
     http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
     http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">

    <!-- core services -->

    <context:component-scan base-package="net.webpasswordsafe.server.service" />

    <!-- pluggable services -->

    <bean id="passwordGenerator"
        class="net.webpasswordsafe.server.plugin.generator.SimpleRandomPasswordGenerator" >
        <property name="passwordLength" value="20" />
        <property name="allowLowercase" value="true" />
        <property name="allowUppercase" value="true" />
        <property name="allowNumeric" value="true" />
        <property name="specialChars" value="!@#$%^*" />
        <property name="excludeChars" value="O0l1" />
    </bean>

    <bean id="authenticator"
        class="net.webpasswordsafe.server.plugin.authentication.IPLockoutAuthenticator">
        <property name="authenticator" ref="userLockoutAuthenticator" />
        <property name="failedLoginThreshold" value="10" />
        <property name="lockoutLength" value="1440" />
        <property name="whitelist">
            <set>
                <value>127.0.0.1</value>
            </set>
        </property>
    </bean>

    <bean id="userLockoutAuthenticator"
        class="net.webpasswordsafe.server.plugin.authentication.UserLockoutAuthenticator">
        <property name="authenticator" ref="ldapAuthenticator" />
        <property name="failedLoginThreshold" value="5" />
        <property name="whitelist">
            <set>
                <value>admin</value>
            </set>
        </property>
    </bean>

    <bean id="localAuthenticator"
        class="net.webpasswordsafe.server.plugin.authentication.LocalAuthenticator">
    </bean>

    <!-- ## Uncomment to use a different authenticator implementation corp-svc-vpn@corp.classifiedventures.com-->
    <bean id="multiAuthenticator"
        class="net.webpasswordsafe.server.plugin.authentication.CompositeAuthenticator">
        <property name="authenticators">
            <list>
                <map>
                    <entry key="users">
                        <list>
                            <value>admin</value>
                        </list>
                    </entry>
                    <entry key="authenticator" value-ref="localAuthenticator"></entry>
                </map>
                <map>
                    <entry key="anyUser" value="true" />
                    <entry key="authenticator" value-ref="ldapAuthenticator"></entry>
                </map>
            </list>
        </property>
    </bean>

    <bean id="demoAuthenticator"
        class="net.webpasswordsafe.server.plugin.authentication.DemoAuthenticator">
        <property name="demoPassword" value="demo" />
    </bean>

    <bean id="authnContextSource" class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="url" value="ldap://wchiadldap:389" />
        <property name="userDn" value="cn=corp-svc-vpn.user,DC=corp,DC=classifiedventures,DC=com" />
        <property name="password" value="Iz1Sn@gd" />
    </bean>
    <bean id="authnLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">
        <constructor-arg ref="authnContextSource" />
    </bean>
    <bean id="ldapAuthenticator" class="net.webpasswordsafe.server.plugin.authentication.LdapAuthenticator">
        <property name="ldapTemplate" ref="authnLdapTemplate" />
        <property name="filter" value="(&amp;(objectclass=person)(sAMAccountName=$1))" />
        <property name="base" value="DC=corp,DC=classifiedventures,DC=com" />
    </bean>

    <bean id="rsaAuthenticator"
        class="net.webpasswordsafe.server.plugin.authentication.RsaSecurIdAuthenticator">
        <property name="configPath" value="/usr/local/rsa/rsa_api.properties" />
    </bean>

    <bean id="roleRetriever"
        class="net.webpasswordsafe.server.plugin.authentication.LocalRoleRetriever">
        <property name="adminUsers">
            <set>
                <value>admin</value>
            </set>
        </property>
    </bean>

    <bean id="authorizer"
        class="net.webpasswordsafe.server.plugin.authorization.DefaultAuthorizer">
        <property name="allowAdminBypassPasswordPermissions" value="true" />
    </bean>

    <bean id="auditLoggerLog4j"
        class="net.webpasswordsafe.server.plugin.audit.Log4jAuditLogger">
        <property name="delimiter" value=" || " />
    </bean>

    <bean id="auditLoggerDatabase"
        class="net.webpasswordsafe.server.plugin.audit.DatabaseAuditLogger" />

    <bean id="auditLogger" 
        class="net.webpasswordsafe.server.plugin.audit.CompositeAuditLogger">
        <property name="auditLoggers">
            <list>
                <ref bean="auditLoggerLog4j" />
                <ref bean="auditLoggerDatabase" />
            </list>
        </property>
    </bean>

    <!--  Encryption related settings, these should not be changed after initial deployment otherwise
          data may be corrupted or unreadable -->

    <!-- ## Uncomment for Jasypt Encryption -->
    <bean id="digester" class="net.webpasswordsafe.server.plugin.encryption.JasyptDigester">
        <property name="passwordEncryptor" ref="passwordEncryptor" />
    </bean>
    <bean id="passwordEncryptor" class="org.jasypt.util.password.StrongPasswordEncryptor" />
    <bean id="encryptor" class="net.webpasswordsafe.server.plugin.encryption.JasyptEncryptor">
        <property name="stringEncryptor" ref="strongEncryptor" />
    </bean>
    <bean id="bcProvider" class="org.bouncycastle.jce.provider.BouncyCastleProvider" />
    <bean id="strongEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
        <property name="algorithm" value="${encryptor.jasypt.algorithm}" />
        <property name="provider" ref="bcProvider" />
        <property name="password" value="${encryptor.jasypt.password}" />
        <property name="keyObtentionIterations" value="${encryptor.jasypt.keyObtentionIterations}" />
    </bean>

    <!-- ## Uncomment for OWASP-ESAPI Encryption -->
    <!-- 
    <bean id="digester" class="net.webpasswordsafe.server.plugin.encryption.EsapiDigester">
        <constructor-arg index="0" value="${encryptor.esapi.useClasspath}" />
        <constructor-arg index="1" value="${encryptor.esapi.resourceDir}" />
    </bean>
    <bean id="encryptor" class="net.webpasswordsafe.server.plugin.encryption.EsapiEncryptor">
        <constructor-arg index="0" value="${encryptor.esapi.useClasspath}" />
        <constructor-arg index="1" value="${encryptor.esapi.resourceDir}" />
    </bean>
    -->
</beans>

Original issue reported on code.google.com by mathias....@gmail.com on 13 Aug 2013 at 4:31

GoogleCodeExporter commented 9 years ago
This issue can be ignored, sorry to bother you!
Thanks for all your work on this project!

Original comment by mathias....@gmail.com on 15 Aug 2013 at 1:57

GoogleCodeExporter commented 9 years ago

Original comment by joshdrum...@gmail.com on 26 Aug 2013 at 2:06