I am using Spring Security for ldap authentication and have this configuration on my spring-security.xml
<security:authentication-manager>
<security:ldap-authentication-provider
user-search-filter="xxxxx"
user-search-base=""
group-search-filter="xxxxx"
group-search-base=""
group-role-attribute="cn"
role-prefix="ROLE_">
</security:ldap-authentication-provider>
</security:authentication-manager>
<security:ldap-server url="ldap://servername54389/dc=..." manager-dn="xxxx" manager-password="xxxx" />
This works well for me. However, we cannot put manager-dn and manager-password like this in the xml. Is there a way to avoid putting manager-password in the code and still have it work? If I simply remove manager-dn and manager-password in the xml, it does not work and gives Access denied error.
Any details/help on this would be greatly appreciated