Question

我正在使用protocole Ldap创建带有spring security 3的应用程序，而JSF 2的问题是我总是认证失败！这是我的配置：

  <http use-expressions="true" >
    <intercept-url pattern="/pages/DRH/**" access="hasRole('ROLE_ADM')" />
  <intercept-url pattern="/pages/Employe/**" access="hasRole('ROLE_EMP')" />
    <!-- Custom login page -->
    <form-login login-page="/login.jsf"  authentication-success-handler-ref="loginSuccessHandler"
  authentication-failure-handler-ref="loginFailureHandler" />

    <!-- Custom logout page -->
    <logout />
   </http>
     <beans:bean  id="loginSuccessHandler" class="exp.customloginpage.AuthSuccessHandler" />
  <beans:bean id="loginFailureHandler" class="exp.customloginpage.AuthFailureHandler" />
 <!-- Use authentication provider. -->
    <beans:bean id="contextSource"  class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg index="0"  value="ldap://192.168.6.42:389/cn=Users,dc=exp,dc=com" />
     </beans:bean>
  <beans:bean id="ldapUserSearch"  class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">

    <beans:constructor-arg index="0" value=""/>
    <beans:constructor-arg index="1" value="(uid={0})"/>
    <beans:constructor-arg index="2" ref="contextSource" />
    <beans:property name="searchSubtree" value="true" /> <!-- Recherche dans les     sous-branches -->
</beans:bean>

  <beans:bean id="userDetailsAuthoritiesPopulator"   class="exp.customloginpage.UserDetailsAuthoritiesPopulator" />
   <beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <beans:constructor-arg index="0">
        <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
        <beans:constructor-arg index="0" ref="contextSource" />
        <beans:property name="userSearch" ref="ldapUserSearch" />
    </beans:bean>
 </beans:constructor-arg>
 <beans:constructor-arg index="1">
    <beans:bean      class="exp.customloginpage.UserDetailsAuthoritiesPopulator" />
  </beans:constructor-arg>
 </beans:bean>

 <authentication-manager>
<authentication-provider   ref="ldapAuthProvider" />
 </authentication-manager>

这是我的managedBean

 public String doLogin() throws ServletException, IOException {

    ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
    RequestDispatcher dispatcher = ((ServletRequest) context.getRequest())
            .getRequestDispatcher("/j_spring_security_check");

    dispatcher.forward((ServletRequest) context.getRequest(),
            (ServletResponse) context.getResponse());

    FacesContext.getCurrentInstance().responseComplete();
    return null;

}

任何想法？

使用jsf进行Spring安全性和Ldap身份验证

0 个答案: