使用Spring Security配置自定义LDAP身份验证提供程序

时间:2015-06-02 14:05:24

标签: java spring authentication spring-security ldap

我正在尝试使用LDAP身份验证配置Spring Security,但我需要获取所有登录请求的用户名。

我配置了指向我的spring-security.xml课程的MyCustomAuthenticationProvider。我认为配置是正确的,但在运行时,Spring首先尝试使用自己的LdapAuthenticationProvider登录。失败后,请求将发送到我的自定义类。我将Spring Security的日志级别设置为Debug以查看发生的情况。

[#|DEBUG| date=2015-06-02 time=10:48:11.425 thread=http-nio-8080-exec-1 controller=o.s.s.w.a.UsernamePasswordAuthenticationFilter Request is to process authentication |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.428 thread=http-nio-8080-exec-1 controller=o.s.s.authentication.ProviderManager Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.428 thread=http-nio-8080-exec-1 controller=o.s.s.l.a.LdapAuthenticationProvider Processing authentication request for user: admin |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.429 thread=http-nio-8080-exec-1 controller=o.s.s.l.search.FilterBasedLdapUserSearch Searching for user 'admin', with user search [ searchFilter: 'uid={0}', searchBase: 'ou=people', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ] |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.660 thread=http-nio-8080-exec-1 controller=o.s.s.ldap.SpringSecurityLdapTemplate Searching for entry under DN 'dc=springframework,dc=org', base = 'ou=people', filter = 'uid={0}' |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.660 thread=http-nio-8080-exec-1 controller=o.s.s.authentication.ProviderManager Authentication attempt using br.com.project.auth.MyCustomAuthenticationProvider |#]
[#|INFO | date=2015-06-02 time=10:48:11.668 thread=http-nio-8080-exec-1 controller=b.c.p.auth.MyCustomAuthenticationProvider =========================> User admin is trying to login. |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.668 thread=http-nio-8080-exec-1 controller=o.s.s.l.search.FilterBasedLdapUserSearch Searching for user 'admin', with user search [ searchFilter: '(uid={0})', searchBase: 'ou=people', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ] |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.685 thread=http-nio-8080-exec-1 controller=o.s.s.ldap.SpringSecurityLdapTemplate Searching for entry under DN 'dc=springframework,dc=org', base = 'ou=people', filter = '(uid={0})' |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.686 thread=http-nio-8080-exec-1 controller=o.s.s.w.a.UsernamePasswordAuthenticationFilter Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.686 thread=http-nio-8080-exec-1 controller=o.s.s.w.a.UsernamePasswordAuthenticationFilter Updated SecurityContextHolder to contain null Authentication |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.686 thread=http-nio-8080-exec-1 controller=o.s.s.w.a.UsernamePasswordAuthenticationFilter Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@64f289f7 |#]
[#|DEBUG| date=2015-06-02 time=10:48:11.693 thread=http-nio-8080-exec-1 controller=o.s.s.w.a.SimpleUrlAuthenticationFailureHandler Redirecting to /login?failed |#]

如何设置Spring使用我的自定义类而不是他的deafaul LDAP身份验证提供程序?

1 个答案:

答案 0 :(得分:0)

最后我找到了解决方案。

在spring-security.xml中,我删除了配置

<security:ldap-authentication-provider
        group-search-filter="member={0}"
        group-search-base="ou=groups"
        user-search-base="ou=people"
        user-search-filter="uid={0}"
    />