Hi Blackman,
>
> Are you using servicemix 7 in production?
>
no, we are confident to have version 7.0.0 released before we need to
install this current development release (before we were using servicemix
5.3.0 but basically on the spring, spring ldap and spring security
ecosystem few has changed when upgrading).
Consider anyhow that ServiceMix 7.0.0.M2 is based on the stable release of
Karaf 4.0.5.
> can we use it production?
>
I cannot give warranties, for ourself, we hope to upgrade to final 7.0.0
before using in production, anyhow we have tested it quite well and for our
usage it is stable, so I don't exclude to use it in production.
> could please give a snipet of your spring ldap servicemix configuration?
>
as told you, we don't use the Spring Security Web.
In one bundle dedicated to authentication we use the the Spring Security
LDAP interface:
org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider
We have tested it to work with LDAP or Active Directory:
- For LDAP we use: a
org.springframework.security.ldap.authentication.LdapAuthenticationProvider
and we initialize it this way:
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="${aocc.ldap.url}" />
<property name="userDn" value="${aocc.ldap.login.userDn}" />
<property name="password" value="${aocc.ldap.login.password}" />
</bean>
<bean id="userSearchFilter"
class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg value="${aocc.ldap.search.dn}" />
<constructor-arg value="${aocc.ldap.search.filter}" />
<constructor-arg ref="contextSource" />
</bean>
<bean id="ldapAuthProvider"
class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg>
<bean
class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userSearch" ref="userSearchFilter"/>
</bean>
</constructor-arg>
</bean>
- For Active Directory we use:
org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider
and we initialize it this way:
<bean id="adAuthProvider"
class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
<constructor-arg value="${aocc.ad.domain}" />
<constructor-arg value="${aocc.ad.url}" />
<property name="convertSubErrorCodesToExceptions" value="true" />
</bean>
and last could we use blueprint ans is it as powerful as spring under Karaf?
>
In theory you should be able to use Blueprint, for this bundle we use
Spring.
Hope this is of any help,
Regards
Cristiano
