Grails Spring 安全 REST + LDAP
Grails Spring Security REST + LDAP
我正在尝试在 Grails 中设置 Spring 安全性,使用令牌进行身份验证(通过 Spring 安全性 REST 插件)并针对 LDAP 进行授权。我找到了几个示例(我现在打开了大约 20 个浏览器选项卡),但其中 none 个回答了整个问题。大多数示例是 Grails + REST Security 或 Grails + LDAP Security,但没有 Grails + REST + LDAP 的示例。
我的问题是当我需要它查看 LDAP 时,应用程序会尝试在数据库中查找用户和角色。
我发现解决方案是进入 resources.groovy 并将 userDetailsService bean 配置为仅使用 LDAP instead.The "prerequisite" 是您必须已经对 LDAP 服务器进行了正确的 LDAP 配置.我在这里找到了这个解决方案:http://swordsystems.com/2011/12/21/spring-security-cas-ldap/。并且只拍了下面一块
// Place your Spring DSL code here
import grails.plugin.springsecurity.SpringSecurityUtils
beans = {
def config = SpringSecurityUtils.securityConfig
if (config.ldap.context.server) {
SpringSecurityUtils.loadSecondaryConfig 'DefaultLdapSecurityConfig'
config = SpringSecurityUtils.securityConfig
initialDirContextFactory(org.springframework.security.ldap.DefaultSpringSecurityContextSource,
config.ldap.context.server){
userDn = config.ldap.context.managerDn
password = config.ldap.context.managerPassword
}
ldapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch,
config.ldap.search.base,
config.ldap.search.filter,
initialDirContextFactory){
}
ldapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator,
initialDirContextFactory,
config.ldap.authorities.groupSearchBase){
groupRoleAttribute = config.ldap.authorities.groupRoleAttribute
groupSearchFilter = config.ldap.authorities.groupSearchFilter
searchSubtree = config.ldap.authorities.searchSubtree
rolePrefix = "ROLE_"
convertToUpperCase = config.ldap.mapper.convertToUpperCase
ignorePartialResultException = config.ldap.authorities.ignorePartialResultException
}
userDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService,
ldapUserSearch,
ldapAuthoritiesPopulator){
}
}
}
我正在尝试在 Grails 中设置 Spring 安全性,使用令牌进行身份验证(通过 Spring 安全性 REST 插件)并针对 LDAP 进行授权。我找到了几个示例(我现在打开了大约 20 个浏览器选项卡),但其中 none 个回答了整个问题。大多数示例是 Grails + REST Security 或 Grails + LDAP Security,但没有 Grails + REST + LDAP 的示例。
我的问题是当我需要它查看 LDAP 时,应用程序会尝试在数据库中查找用户和角色。
我发现解决方案是进入 resources.groovy 并将 userDetailsService bean 配置为仅使用 LDAP instead.The "prerequisite" 是您必须已经对 LDAP 服务器进行了正确的 LDAP 配置.我在这里找到了这个解决方案:http://swordsystems.com/2011/12/21/spring-security-cas-ldap/。并且只拍了下面一块
// Place your Spring DSL code here
import grails.plugin.springsecurity.SpringSecurityUtils
beans = {
def config = SpringSecurityUtils.securityConfig
if (config.ldap.context.server) {
SpringSecurityUtils.loadSecondaryConfig 'DefaultLdapSecurityConfig'
config = SpringSecurityUtils.securityConfig
initialDirContextFactory(org.springframework.security.ldap.DefaultSpringSecurityContextSource,
config.ldap.context.server){
userDn = config.ldap.context.managerDn
password = config.ldap.context.managerPassword
}
ldapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch,
config.ldap.search.base,
config.ldap.search.filter,
initialDirContextFactory){
}
ldapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator,
initialDirContextFactory,
config.ldap.authorities.groupSearchBase){
groupRoleAttribute = config.ldap.authorities.groupRoleAttribute
groupSearchFilter = config.ldap.authorities.groupSearchFilter
searchSubtree = config.ldap.authorities.searchSubtree
rolePrefix = "ROLE_"
convertToUpperCase = config.ldap.mapper.convertToUpperCase
ignorePartialResultException = config.ldap.authorities.ignorePartialResultException
}
userDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService,
ldapUserSearch,
ldapAuthoritiesPopulator){
}
}
}