Spring LDAP没有获得所有权限

时间:2015-06-10 15:31:19

标签: java spring spring-security spring-ldap

所以我遇到了从LDAP到Spring的所有适当权限的问题。我能够得到一些当局,但不是所有当局。

我的LDAP结构如下所示:

enter image description here

我正在使用:Spring 4,Spring Security 4,Spring LDAP 2

我的application-context-security.xml包含:

<ldap-server url="${ldap.server.url}" />

<beans:bean id="gridInetOrgUserMapper" class="com.package.of.company.commons.GridInetOrgPersonContextMapper" />

<beans:bean id="localSecurityHandler" class="com.package.of.stuff.service.impl.SecurityHandler">
    <beans:constructor-arg ref="userService" />
</beans:bean>

<authentication-manager id="authenticationManagerCas">
    <authentication-provider ref="casAuthenticationProvider" />
</authentication-manager>

<beans:bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
    <beans:property name="userDetailsService" ref="ldapUserService"/> 
    <beans:property name="serviceProperties" ref="serviceProperties" />
    <beans:property name="ticketValidator">
        <beans:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
            <beans:constructor-arg index="0" value="${security.cas.app.url}" />
        </beans:bean>
    </beans:property>
    <beans:property name="key" value="knowledge"/>
</beans:bean>

<ldap-user-service  
    id="ldapUserService" 
    user-search-base="ou=People" 
    user-search-filter="(uid={0})" 
    group-search-base="ou=Groups"
    group-role-attribute="cn"
    group-search-filter="(objectClass=*)"
    role-prefix="none" 
    user-context-mapper-ref="gridInetOrgUserMapper"/>

<beans:bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
    <beans:property name="service" value="${security.cas.postback.service.name}"/>
    <beans:property name="sendRenew" value="false"/>
</beans:bean>

<beans:bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
    <beans:property name="authenticationManager" ref="authenticationManagerCas"/>
    <beans:property name="authenticationSuccessHandler" ref="localSecurityHandler">
    </beans:property>
</beans:bean>

<beans:bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
    <beans:property name="loginUrl" value="${security.cas.login.url}"/>
    <beans:property name="serviceProperties" ref="serviceProperties"/>
</beans:bean>

我能够退出LAUNCHERADMIN和LAUNCHERUSER,但不是任何知识权威人士。在过去的3天里,我一直坚持这一点。任何帮助将不胜感激。

0 个答案:

没有答案