Spring ldap:没有授予任何权限

时间:2015-06-17 19:49:43

标签: java xml spring security ldap

我正在尝试从xml文件中删除构造函数信息。这些信息将通过System.getProperty加载。

原始代码运行正常,如下:

    <bean id="authoritiesPopulator" class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
        <constructor-arg index="0" ref="initialDirContextFactory"/>
        <constructor-arg index="1" value="OU=AA,DC=US,DC=BB,DC=local"/>
        <property name="groupRoleAttribute" value="CN"/>
        <property name="searchSubtree" value="true"/>
        <property name="ignorePartialResultException" value="true"/>
    </bean>

    <bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <constructor-arg index="0" value="OU=AA,DC=US,DC=BB,DC=local"/>
        <constructor-arg index="1" value="(sAMAccountName={0})"/>
        <constructor-arg index="2" ref="initialDirContextFactory"/>
        <property name="searchSubtree" value="true"/>
    </bean>
<bean id="initialDirContextFactory" class="com.AA.BB.LdapConfig"/>

我修改了代码。现在,ldap找不到任何用户:Authenticated false。没有授予任何权力。

<bean id="initialDirContextFactory" class="com.AA.BB.LdapConfig"/>
<bean id="authoritiesPopulator" class="com.AA.BB.AuthoritiesPopulator"/>
<bean id="userSearch" class="com.AA.BB.UserSearch"/>
public class UserSearch implements LdapUserSearch {
    public UserSearch() {
        this.searchBase="OU=AA,DC=US,DC=BB,DC=local";
        this.searchFilter="(sAMAccountName={0})"
    }
}

有什么想法吗?谢谢!

更新:

ldap structure
us.BB.local
AA(foler)
AAA(subfolder)
BBB(subfolder)
CCC(subfolder)
DDD(subfolder);

1 个答案:

答案 0 :(得分:0)

<bean id="initialDirContextFactory" class="com.AA.BB.LdapConfig"/>
<bean id="authoritiesPopulator" class="com.AA.BB.AuthoritiesPopulator"/>
<bean id="userSearch" class="com.AA.BB.UserSearch">        
    <constructor-arg index="0" ref="initialDirContextFactory"/>
    <property name="searchSubtree" value="true"/>
</bean>
// UserSearch copied from FilterBasedLdapUserSearch, just modified the constructor
public class UserSearch implements LdapUserSearch {
    public UserSearch(BaseLdapPathContextSource contextSource) {
        this.contextSource = contextSource;
        this.searchBase="OU=AA,DC=US,DC=BB,DC=local";
        this.searchFilter="(sAMAccountName={0})"
    }
}

上述代码修复了此问题。

但我仍然无法弄清楚为什么以前的方法不起作用。我怀疑LdapConfig bean未正确注入,尽管三个bean已成功实例化。