我在Spring webapp中有下一个配置,但我无法从用户那里获得ROLES。
配置
<security:authentication-manager>
<security:ldap-authentication-provider
user-search-filter="(uid={0})"
user-search-base="ou=users"
group-search-filter="(uniqueMember={0})"
group-search-base="ou=groups"
group-role-attribute="cn"
role-prefix="ROLE_">
</security:ldap-authentication-provider>
</security:authentication-manager>
<security:ldap-server url="ldap://x.x.x.x:389/dc=test,dc=com"
manager-dn="cn=admin,dc=test,dc=com"
manager-password="test" />
我尝试使用其他配置,但没有任何内容,使用这两种解决方案我都获得了UserLogged但未通过身份验证。
<security:authentication-manager>
<security:authentication-provider
ref='ldapAuthProvider' />
</security:authentication-manager>
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="ldap://x.x.x.x:389/dc=test,dc=com" />
<property name="userDn" value="cn=admin,dc=test,dc=com" />
<property name="password" value="test" />
</bean>
<bean id="ldapAuthProvider"
class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg>
<bean
class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
<list>
<value>uid={0},ou=users</value>
</list>
</property>
</bean>
</constructor-arg>
<constructor-arg>
<bean
class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
<constructor-arg ref="contextSource" />
<constructor-arg value="ou=groups" />
<property name="groupRoleAttribute" value="cn" />
<!-- the following properties are shown with their default values -->
<property name="searchSubtree" value="false" />
<property name="rolePrefix" value="ROLE_" />
<property name="convertToUpperCase" value="true" />
</bean>
</constructor-arg>
</bean>
有人可以帮忙吗?