LDAP身份验证 - Spring Security - LdapAuthenticationProvider

时间:2016-05-06 14:58:09

标签: java spring spring-security spring-security-ldap

我很难让LDAP安全配置与xml配置一起使用。

我收到以下错误:

org.springframework.beans.factory.BeanCreationException: Error creating bean               with name 'securityConfig': Injection of autowired dependencies failed; nested     exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private org.springframework.security.ldap.authentication.LdapAuthenticationProvider sgcbmw.security.SecurityConfig.ldapAuthenticationProvider; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [org.springframework.security.ldap.authentication.LdapAuthenticationProvider] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: @org.springframework.beans.factory.annotation.Autowired(required=true)

我的安全配置:

<bean id="contextSource"class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <constructor-arg value="ldap:/ldapserver"/>
        <property name="userDn" value="user"/>
        <property name="password" value="pass"/>
    </bean>

    <bean id="ldapAuthProvider"
          class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
        <constructor-arg>
            <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
                <constructor-arg ref="contextSource"/>
                <property name="userSearch">
                <bean id="userSearch"
                      class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
                    <constructor-arg index="0" value=""/>
                    <constructor-arg index="1" value="(&amp;(objectClass=user)(sAMAccountName={0}))"/>
                    <constructor-arg index="2" ref="contextSource" />
                </bean>
                </property>
                <property name="userDnPatterns">
                    <list><value>uid={0},ou=people</value></list>
                </property>
            </bean>
        </constructor-arg>
        <constructor-arg>
            <bean  class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
                <constructor-arg ref="contextSource"/>
                <constructor-arg value="ou=groups"/>
                <property name="groupRoleAttribute" value="memberOf"/>
            </bean>
        </constructor-arg>
    </bean>
    <security:authentication-manager>
        <security:authentication-provider ref="ldapAuthProvider" />
    </security:authentication-manager>

配置适配器:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
private LdapAuthenticationProvider ldapAuthenticationProvider;

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.authenticationProvider(ldapAuthenticationProvider);
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .csrf().disable()
            .authorizeRequests()
            .anyRequest().fullyAuthenticated()
            .and()
            .formLogin();
}
}

不应该这样注入LdapAuthenticationProvider吗?

1 个答案:

答案 0 :(得分:0)

解决了我的问题:

为了安全起见,我创建了一个上下文xml配置,并将以下内容添加到web.xml中:

 <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath:spring/business-config.xml classpath:spring/spring-security-config.xml</param-value>
</context-param>

最后,我将spring配置放在spring-security-config.xml上,并在我的类WebSecurityConfigurerAdapter上自动装配它们。从xml中删除了它:

<security:authentication-manager>
    <security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>

感谢您的帮助。

相关问题
最新问题