Posted to user@roller.apache.org by leofreesand <yu...@hotmail.com> on 2014/01/26 15:36:18 UTC

How to enable LDAP authentication for Roller 5?

I want to enable LDAP user authentication for Roller 5.0.3. There are some related tutorials for Roller 4, but they do not seem to work with the new Spring Security framework. I found some Spring Security 2 configuration examples and have been trying to figure it out, with no success. Hoping someone will help me...
This is my progress so far: I'm using an OpenLDAP server with some test accounts, and I added some properties to the Roller custom settings file:

    users.sso.enabled=true
    users.sso.autoProvision.enabled=true
    users.sso.registry.ldap.attributes.name=uid
    users.sso.registry.ldap.attributes.screenname=cn
Then I modified the security.xml:

    <beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg value="ldap://localhost:389/dc=test,dc=com" />
        <beans:property name="userDn" value="cn=Manager,dc=test,dc=com" />
        <beans:property name="password" value="111111" />
    </beans:bean>

    <beans:bean id="ldapAuthProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
        <custom-authentication-provider />
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
                <beans:constructor-arg ref="contextSource" />
                <beans:property name="userSearch" ref="userSearch" />
            </beans:bean>
        </beans:constructor-arg>
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
                <beans:constructor-arg ref="contextSource" />
                <beans:constructor-arg value="ou=Tester" />
                <beans:property name="searchSubtree" value="false" />
                <beans:property name="defaultRole" value="register" />
                <beans:property name="convertToUpperCase" value="false" />
                <beans:property name="groupRoleAttribute" value=""/>
                <beans:property name="rolePrefix" value="" />
            </beans:bean>
        </beans:constructor-arg>
    </beans:bean>

    <beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <beans:constructor-arg index="0" value="" />
        <beans:constructor-arg index="1" value="(uid={0})" />
        <beans:constructor-arg index="2" ref="contextSource" />
        <beans:property name="searchSubtree" value="true" />
    </beans:bean>
(Deploying Roller with this configuration gives the error message "java.lang.NoClassDefFoundError: com.sun.jndi.ldap.ctl.ResponseControlFactory"; I found a solution at http://www.chrissearle.org/2007/08/30/spring-ldap_and_NoClassDefFoundError_com_sun_jndi_ldap_ctl_ResponseControlFactory/)

Now, when using an LDAP username/password, the page jumps to roller_j_security_check and displays the following error message:

    500
    Filter execution threw an exception
    Roller has encountered and logged an unexpected exception.

Using a wrong password gives the same error message. If I enter a non-existent username/password, Roller displays "Wrong username and password combination".

There are related search messages in openldap.log; maybe I just need some tweaks to fix the problem? Does anyone have any suggestions for solutions? Thanks in advance.