我正在尝试学习spring,并创建一个网站,该网站将通过登录页面关闭身份验证,并将角度传递给spring,这需要使用ldap进行身份验证。我以为我会从Spring网站开始,然后浏览那里的指南,但是它似乎使用了已弃用的代码,并且有错误。
我已经遍历了多个stackoverflow主题和google搜索,但是找不到所需的东西。
src/main/java/hello/WebSecurityConfig.java
package hello;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.LdapShaPasswordEncoder;
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().fullyAuthenticated()
.and()
.formLogin();
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userDnPatterns("uid={0},ou=people")
.groupSearchBase("ou=groups")
.contextSource()
.url("ldap://localhost:8389/dc=springframework,dc=org")
.and()
.passwordCompare()
.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userPassword");
}
}
问题是“ .passwordEncoder(新的LdapShaPasswordEncoder()).passwordAttribute(“ userPassword”)”不赞成使用LdapShaPasswordEncoder,因此,无论是.passwordEncoder采取什么措施,还是LdapShaPasswordEncoder返回的PasswordEncoder。我已经尝试使用BCryptPasswordEncoder在stack上找到的BCrypt示例,但是仍然从.passwordEncoder收到错误消息,它不是正确的PasswordEncoder org.springframework.security.authentication.encoding.PasswordEncoder与org.springframework.security.crypto .password.PasswordEncoder
答案 0 :(得分:0)
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userDnPatterns("uid={0},ou=people")
.groupSearchBase("ou=groups")
.contextSource()
.url("ldap://localhost:8389/dc=springframework,dc=org")
.and()
.passwordCompare()
.passwordEncoder(new BCryptPasswordEncoder())
.passwordAttribute("userPassword");
}