我正在使用Spring Security使用LDAP協議對Active Directory進行身份驗證。下面的代碼工作以及在認證和建立LDAP模板太(springSecurity.xml):LDAP - AD上下文源的用戶名密碼配置
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:ldap="http://www.springframework.org/schema/ldap"
xsi:schemaLocation="
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/ldap
http://www.springframework.org/schema/ldap/spring-ldap.xsd">
<http use-expressions="true">
<intercept-url pattern="/login" access="permitAll" />
<intercept-url pattern="/authenticated" access="isAuthenticated()" />
<form-login login-page="/login" default-target-url="/authenticated"
authentication-failure-url="/login?error=true" />
<logout />
</http>
<beans:bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<beans:property name="location">
<beans:value>classpath:/ldap.properties</beans:value>
</beans:property>
<beans:property name="SystemPropertiesMode">
<beans:value>2</beans:value> <!-- OVERRIDE is 2 -->
</beans:property>
</beans:bean>
<beans:bean id="adAuthenticationProvider"
class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
<beans:constructor-arg value="${sample.ldap.domain}" />
<beans:constructor-arg value="${sample.ldap.url}" />
<beans:property name="useAuthenticationRequestCredentials"
value="true" />
<beans:property name="convertSubErrorCodesToExceptions"
value="true" />
</beans:bean>
<authentication-manager>
<authentication-provider ref="adAuthenticationProvider" />
</authentication-manager>
<!-- Ldap after authentication -->
<context:property-placeholder location="classpath:/ldap.properties"
system-properties-mode="OVERRIDE" />
<context:annotation-config />
<ldap:context-source id="contextSource"
password="${sample.ldap.password}"
url="${sample.ldap.url}"
username="${sample.ldap.userDn}"
base="${sample.ldap.base}"
referral="follow" />
<ldap:ldap-template id="ldapTemplate"
context-source-ref="contextSource" />
<ldap:repositories base-package="com.domain" />
<beans:bean class="com.service.UserService">
<beans:property name="directoryType" value="${sample.ldap.directory.type}" />
</beans:bean>
<!-- Required to make sure BaseLdapName is populated in UserService -->
<beans:bean
class="org.springframework.ldap.core.support.BaseLdapPathBeanPostProcessor" />
</beans:beans>
認證工作正常,而來自login.jsp的獲取爲j_username和爲j_password。要設置ldap模板,我使用在屬性文件中定義的用戶名和密碼屬性,但是我希望從spring security使用相同的用戶名和密碼。請指導我如何將彈出安全證書的ldap:context-source id =「contextSource」中的用戶名和密碼屬性屬性綁定在一起。
該代碼是一點點混亂,任何改進的意見是值得歡迎的。
感謝您的迴應,我之前嘗試過這個解決方案,但使用不同的類來獲得春季安全認證,現在它的工作正常。 :) – NewBee