Configure User Authentication through Windows Active Directory Server in a Spring Boot Application

In this article we will authenticate a user against an external Windows Active Directory domain server before granting them access to APIs.

Suppose you have a running Windows AD server with the following details:
domain name — example.examplegroup.co.in
IP Address — 192.168.1.25

Steps:

1. Add the following dependencies to the pom.xml file

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

2. Create a security configuration file

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;

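3. Create a controller class that supports two APIs:

  • /hello: returns “Hello World”
  • /user: returns a JSON object of the authenticated user's details received from the Windows AD server.

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class MyController {

    // Reachable only after the user has authenticated against the AD server
    @GetMapping("/hello")
    public String sayHello() {
        return "hello world";
    }
}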
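
Step 2's listing shows only the import statements, so here is one configuration class that fits those imports and the AD server details given at the top; it is an added example, not the author's original code. The class name SecurityConfig, the ldap:// scheme with port 389, and the setConvertSubErrorCodesToExceptions call are assumptions, and the class needs the spring-security-ldap artifact on the classpath in addition to the starter from step 1.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;

// Added example: class name, URL scheme and port are assumptions, not from the article.
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // Domain name and IP address are the article's example AD server.
    private static final String AD_DOMAIN = "example.examplegroup.co.in";
    // Plain ldap:// sends the bind password unencrypted; where the domain controller
    // has a certificate, use ldaps:// (port 636) with the server's DNS name instead.
    private static final String AD_URL = "ldap://192.168.1.25:389";

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Every endpoint (/hello and /user included) requires a logged-in user;
        // unauthenticated requests are redirected to the login form.
        http.authorizeRequests()
                .anyRequest().fullyAuthenticated()
            .and()
            .formLogin();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) {
        // Delegate username/password checks to the AD provider defined below.
        auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider());
    }

    @Bean
    public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
        // The provider binds to AD as <username>@<domain> with the submitted password.
        ActiveDirectoryLdapAuthenticationProvider provider =
                new ActiveDirectoryLdapAuthenticationProvider(AD_DOMAIN, AD_URL);
        // Map AD sub-error codes (locked, disabled, expired account) to specific
        // Spring Security exceptions instead of a generic bad-credentials failure.
        provider.setConvertSubErrorCodesToExceptions(true);
        return provider;
    }
}
```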

That's it.

If you try to access either of these APIs, you will be prompted with a login form, as shown below.

[Figure: login form when trying to access the API]
[Figure: API /hello output after authentication]
[Figure: API /user output after authentication]
