The first step in configuring LDAP support in Spring Security is to obtain the following information from the local LDAP Directory Server administrator:
The full DN and password of a user account that can be used to perform the LDAP query that searches for a user account object. (Required for Steps 2 and 3 of the LDAP user authentication process.)
The DN of the LDAP Directory Service object that will be the root of the query that locates a user account. (Required for Step 3 of the LDAP user authentication process.)
The LDAP query string that is used to locate an LDAP user account. (Required for Step 3 of the LDAP user authentication process.)
The DN of the Directory Service object that will be the root of the query that locates the LDAP groups granted to a user. (Required for Step 8 of the LDAP user authentication process.)
The LDAP query string that is used to locate LDAP groups granted to a user. (Required for Step 8 of the LDAP user authentication process.)
The LDAP object attribute name that is used to create Spring Security role names. (Required for Step 8 of the LDAP user authentication process.)
Whether sub-tree searches should be enabled for LDAP user account queries. (Affects Step 3 of the LDAP user authentication process.)
Whether sub-tree searches should be enabled for LDAP group membership queries. (Affects Step 8 of the LDAP user authentication process.)
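
The following added example (not part of the original page) shows where each of the eight values collected above lands in a Java-based Spring Security LDAP configuration; the comments number the items in the order they are listed. The server URL, all DNs, the filters and the `LDAP_MANAGER_PASSWORD` environment variable name are constructed placeholders, and bind authentication is assumed.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;

@Configuration
public class LdapAuthConfig {

    @Bean
    public DefaultSpringSecurityContextSource contextSource() {
        // Placeholder URL; ldaps:// keeps the manager and user binds encrypted in transit.
        DefaultSpringSecurityContextSource cs =
                new DefaultSpringSecurityContextSource("ldaps://ldap.example.com:636");
        // Item 1: DN and password of the account that runs the search queries.
        // Use a read-only service account and keep its password out of source control.
        cs.setUserDn("cn=svc-search,ou=service,dc=example,dc=com");
        cs.setPassword(System.getenv("LDAP_MANAGER_PASSWORD")); // hypothetical variable name
        return cs;
    }

    @Bean
    public LdapAuthenticationProvider ldapAuthenticationProvider(
            DefaultSpringSecurityContextSource cs) {
        FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(
                "ou=people,dc=example,dc=com", // Item 2: root of the user account query
                "(uid={0})",                   // Item 3: user query; {0} is the login name
                cs);
        userSearch.setSearchSubtree(true);     // Item 7: sub-tree search for user accounts

        // Assumption: the user's password is verified by binding as the located DN.
        BindAuthenticator authenticator = new BindAuthenticator(cs);
        authenticator.setUserSearch(userSearch);

        DefaultLdapAuthoritiesPopulator authorities = new DefaultLdapAuthoritiesPopulator(
                cs, "ou=groups,dc=example,dc=com");       // Item 4: root of the group query
        authorities.setGroupSearchFilter("(member={0})"); // Item 5: group query; {0} is the user's DN
        authorities.setGroupRoleAttribute("cn");          // Item 6: attribute that becomes the role name
        authorities.setSearchSubtree(false);              // Item 8: sub-tree search for groups

        return new LdapAuthenticationProvider(authenticator, authorities);
    }
}
```

Because role names are derived from the group attribute in item 6, the two search roots and sub-tree flags decide which directory entries can grant roles; keep them as narrow as the directory layout allows.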