Spring ActiveDirectoryLdapAuthenticationProvider 问题 - 获取提供的密码无效
Spring ActiveDirectoryLdapAuthenticationProvider issue - Getting Supplied password was invalid
请看配置如下:
ldap.urls=ldap://***.***.local:8389
ldap.base.dn=dc=test,dc=com
ldap.user.dn.pattern=(&(objectClass=user)(userPrincipalName={0})(memberof=CN=Group Name,OU=***,OU=****,DC=test,DC=com))
WebSecurityConfig.java
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final static Logger log = LogManager.getLogger(WebSecurityConfig.class);
@Value("${ldap.url}")
private String ldapUrl;
@Value("${ldap.base.dn}")
private String ldapDomain;
@Value("${ldap.user.dn.pattern}")
private String ldapUserDnPattern;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
ActiveDirectoryLdapAuthenticationProvider adProvider = new ActiveDirectoryLdapAuthenticationProvider(
this.ldapDomain, this.ldapUrl);
adProvider.setConvertSubErrorCodesToExceptions(true);
adProvider.setUseAuthenticationRequestCredentials(true);
// Checks with the Distinguished Name pattern provided
if (this.ldapUserDnPattern != null && this.ldapUserDnPattern.trim().length() > 0) {
adProvider.setSearchFilter(this.ldapUserDnPattern);
}
auth.authenticationProvider(adProvider);
}
}
谁能告诉我在使用 ActiveDirectoryLdapAuthenticationProvider 配置时如何指定用户名和密码?
在您的属性中定义 ldap.domain=test.com。
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final static Logger log = LogManager.getLogger(WebSecurityConfig.class);
@Value("${ldap.url}")
private String ldapUrl;
@Value("${ldap.base.dn}")
private String ldapBaseDN;
@Value("${ldap.domain}")
private String ldapDomain;
@Value("${ldap.user.dn.pattern}")
private String ldapUserDnPattern;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
ActiveDirectoryLdapAuthenticationProvider adProvider = new ActiveDirectoryLdapAuthenticationProvider(
this.ldapDomain, this.ldapUrl, this.ldapBaseDN);
adProvider.setConvertSubErrorCodesToExceptions(true);
adProvider.setUseAuthenticationRequestCredentials(true);
// Checks with the Distinguished Name pattern provided
if (this.ldapUserDnPattern != null && this.ldapUserDnPattern.trim().length() > 0) {
adProvider.setSearchFilter(this.ldapUserDnPattern);
}
auth.authenticationProvider(adProvider);
}
}
请看配置如下:
ldap.urls=ldap://***.***.local:8389
ldap.base.dn=dc=test,dc=com
ldap.user.dn.pattern=(&(objectClass=user)(userPrincipalName={0})(memberof=CN=Group Name,OU=***,OU=****,DC=test,DC=com))
WebSecurityConfig.java
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final static Logger log = LogManager.getLogger(WebSecurityConfig.class);
@Value("${ldap.url}")
private String ldapUrl;
@Value("${ldap.base.dn}")
private String ldapDomain;
@Value("${ldap.user.dn.pattern}")
private String ldapUserDnPattern;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
ActiveDirectoryLdapAuthenticationProvider adProvider = new ActiveDirectoryLdapAuthenticationProvider(
this.ldapDomain, this.ldapUrl);
adProvider.setConvertSubErrorCodesToExceptions(true);
adProvider.setUseAuthenticationRequestCredentials(true);
// Checks with the Distinguished Name pattern provided
if (this.ldapUserDnPattern != null && this.ldapUserDnPattern.trim().length() > 0) {
adProvider.setSearchFilter(this.ldapUserDnPattern);
}
auth.authenticationProvider(adProvider);
}
}
谁能告诉我在使用 ActiveDirectoryLdapAuthenticationProvider 配置时如何指定用户名和密码?
在您的属性中定义 ldap.domain=test.com。
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final static Logger log = LogManager.getLogger(WebSecurityConfig.class);
@Value("${ldap.url}")
private String ldapUrl;
@Value("${ldap.base.dn}")
private String ldapBaseDN;
@Value("${ldap.domain}")
private String ldapDomain;
@Value("${ldap.user.dn.pattern}")
private String ldapUserDnPattern;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
ActiveDirectoryLdapAuthenticationProvider adProvider = new ActiveDirectoryLdapAuthenticationProvider(
this.ldapDomain, this.ldapUrl, this.ldapBaseDN);
adProvider.setConvertSubErrorCodesToExceptions(true);
adProvider.setUseAuthenticationRequestCredentials(true);
// Checks with the Distinguished Name pattern provided
if (this.ldapUserDnPattern != null && this.ldapUserDnPattern.trim().length() > 0) {
adProvider.setSearchFilter(this.ldapUserDnPattern);
}
auth.authenticationProvider(adProvider);
}
}