我在项目中使用Spring Security实现了LDAP身份验证和授权。我配置了spring-security.xml并使其运行。我正在尝试使用Java(WebSecurityConfig.java)来做同样的事情。有人可以指导我如何做到这一点吗?
<% @b = 1 %>现在,如果我想在JAVA样式(在WebSecurityConfig.java中)执行相同操作并删除XML,我该怎么办?我不太熟悉为此提供的API。我是这样开始的:
Here is my spring-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<!-- This is where we configure Spring-Security -->
<security:http auto-config="true" use-expressions="true" >
<security:intercept-url pattern="/main/common" access="hasRole('role.xyz.WebAdmin')"/>
<security:intercept-url pattern="/admincare" access="hasRole('role.xyz.WebAdmin')"/>
<security:form-login
login-page="/auth/login"
authentication-failure-url="/auth/login?error=true"
default-target-url="/main/common"/>
<security:logout
invalidate-session="true"
logout-success-url="/auth/login"
logout-url="/auth/logout"/>
</security:http>
<security:authentication-manager>
<security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>
<bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg name="authenticator">
<bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="ldapContext" />
<property name="userSearch">
<bean class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg name="searchBase" value="" />
<constructor-arg name="searchFilter" value="(&(uid={0})(objectclass=person)(ums-account-state=OK))" />
<constructor-arg name="contextSource" ref="ldapContext" />
</bean>
</property>
</bean>
</constructor-arg>
<constructor-arg>
<bean class="com.gemalto.mobileid.service.UmsLdapAuthoritiesPopulator">
<constructor-arg ref="ldapContext"/>
</bean>
</constructor-arg>
</bean>
<security:ldap-server id="ldapContext" url="ldap://aaa:54389/dc=xxx.com" manager-dn="bbb" manager-password="ccc" />
</beans>
我不确定如何在WebSecurityConfig的Java代码中设置其余参数(如XML中所做的那样)。任何帮助都会非常感激
答案 0 :(得分:1)
请试试这个: -
@Bean
public BaseLdapPathContextSource contextSource() {
DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource("ldap://aaa:54389/dc=xxx.com");
contextSource.setUserDn("bbb");
contextSource.setPassword("ccc");
return contextSource;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.contextSource(contextSource())
.and()
.ldapAuthoritiesPopulator(new UmsLdapAuthoritiesPopulator(contextSource()))
.and()
.userSearchBase("").userSearchFilter("(&(uid={0})(objectclass=person)(ums-account-state=OK))");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/main/common**","/admincare**").hasRole("role.xyz.WebAdmin")
.and().formLogin().loginPage("/auth/login").failureUrl("/auth/login?error=true").defaultSuccessUrl("/main/common")
.and().logout().invalidateHttpSession(true).logoutSuccessUrl("/auth/login").logoutUrl("/auth/logout");
}