我正在尝试连接我的LDAP协议。我正在使用java spring。 我的应用程序属性:
ldap.enabled = true
ldap.base.dn=dc=pl,dc=com,dc=text
ldap.username=cn=admin,dc=pl,dc=com,dc=text
ldap.password=Pass
ldap.user.dn.pattern=uid={1},ou=users
ldap.urls=ldap://address:999
ldap.domain=myDomain
ldap.filter=(&(objectClass=user)(sAMAccountName={0}))
和我的SecurityConfig类:
...imports
@Configuration
@EnableWebSecurity(debug = false)
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
ldapAuthentication(auth);
}
@Value("${ldap.urls}")
private String ldapUrl;
@Value("${ldap.base.dn}")
private String ldapBaseDn;
@Value("${ldap.username}")
private String ldapManagerDn;
@Value("${ldap.password}")
private String ldapManagerPassword;
@Value("${ldap.user.dn.pattern}")
private String ldapUserDnPattern;
@Value("${ldap.domain}")
private String ldapDomain;
@Value("${ldap.filter}")
private String ldapFilter;
@Value("${ldap.enabled}")
private String ldapEnabled;
@Autowired
private CustomAuthenticationProvider authProvider;
private void ldapAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authProvider);
auth.eraseCredentials(true);
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/*.js", "/*.css", "/*.ico", "/images/*", "/fonts/*", "/tpl/*");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/", "/login.html", "/login", "/index.html", "/index").permitAll()
.anyRequest().authenticated().and().exceptionHandling().authenticationEntryPoint((req, res, exc) -> {
res.sendError(HttpServletResponse.SC_UNAUTHORIZED, exc.getMessage());
}).and()
.formLogin()
.loginPage("/logIn")
.usernameParameter("user")
.passwordParameter("pass")
.successHandler((req, res, auth) -> {
String username = auth.getName();
res.setStatus(HttpServletResponse.SC_OK);
res.setContentType("application/json");
res.setCharacterEncoding("utf-8");
PrintWriter out = res.getWriter();
out.flush();
out.close();
}).failureHandler((req, res, exc) -> {
res.setStatus(HttpServletResponse.SC_FORBIDDEN);
}).permitAll().and().logout().logoutUrl("/logout").logoutSuccessHandler((req, res, auth) -> {
res.setStatus(HttpServletResponse.SC_OK);
res.setCharacterEncoding("utf-8");
});
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
if(Boolean.parseBoolean(ldapEnabled)) {
auth.ldapAuthentication()
.userSearchFilter(ldapFilter)
.contextSource()
.url(ldapUrl)
.managerDn(ldapManagerDn)
.managerPassword(ldapManagerPassword)
.and()
.userDnPatterns(ldapUserDnPattern);
} else {
auth
.inMemoryAuthentication()
.withUser("user").password("pass").roles("USER");
}
}
}
我遇到了错误:
错误22384 --- [io-8080-exec-10] w.a.UsernamePasswordAuthenticationFilter:尝试验证用户身份时发生内部错误。
和错误49:
org.springframework.security.authentication.InternalAuthenticationServiceException:[LDAP:错误代码49-80090308:LdapErr:DSID-0C090421,注释:AcceptSecurityContext错误,数据52e,v23f0];嵌套的异常是javax.naming.AuthenticationExcep tion:[LDAP:错误代码49-80090308:LdapErr:DSID-0C090421,注释:AcceptSecurityContext错误,数据52e,v23f0]
我尝试弄清楚了这一点,并了解到这是由于密码错误,但是我发送的所有内容都是正确的。 此外,我检查了用户名参数“ user”并采用了正确的值。