Spring Boot configuration - 2 LDAP configurations - Yml file

Time: 2016-06-28 07:54:37

Tags: java spring spring-boot ldap

I want to use 2 different LDAP configurations in my application. My file is application.yml:

management:
    context-path: /management
    health:
        mail:
            enabled: false # When using the MailService, configure an SMTP server and set this to true

spring:
    application:
        name: matrice2
    profiles:
    # The commented value for `active` can be replaced with valid spring profiles to load.
    # Otherwise, it will be filled in by maven when building the WAR file
    # Either way, it can be overridden by `--spring.profiles.active` value passed in the commandline or `-Dspring.profiles.active` set in `JAVA_OPTS`
        active: #spring.profiles.active#
    jpa:
        open-in-view: false
        hibernate:
            ddl-auto: none
            naming-strategy: org.springframework.boot.orm.jpa.hibernate.SpringNamingStrategy
    messages:
        basename: i18n/messages
    mvc:
        favicon:
            enabled: false
    thymeleaf:
        mode: XHTML

security:

    basic:
        enabled: false


jhipster: 
    async:
        corePoolSize: 2
        maxPoolSize: 50
        queueCapacity: 10000
    mail:
        from: matrice2@localhost
    swagger:
        title: matrice2 API
        description: matrice2 API documentation
        version: 0.0.1
        termsOfServiceUrl:
        contactName:
        contactUrl:
        contactEmail:
        license:
        licenseUrl:
ldap:
    url: ldap://ldap.east.app.company.com:389
    base: DC=west,DC=app,DC=company,DC=com
    manager:
        dn: CN=toto,OU=CDS,OU=Company_Commun,DC=west,DC=app,DC=company,DC=com
    password: toto    
    grpAdmin : GRP_PROJECT_ADMIN
    grpUser : GRP_PROJECT_ADMIN


ldap:
    url: ldap://ba-dc1.app.company.com:389
    base: DC=app,DC=company,DC=com
    manager:
        dn: CN=ad_c_s,OU=C_d_S,DC=app,DC=company,DC=com
        password: toto!service    
    grpAdmin : GRP_PROJECT_ADMIN
    grpUser : GRP_PROJECT_ADMIN

I get this error:

Exception in thread "restartedMain" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
Caused by: while parsing MappingNode
in 'reader', line 14, column 1:
management:

Duplicate key : ldap in 'reader', line 97, column 1.

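Is there a way to have multiple LDAP configurations? Does anyone have an idea?

Thanks

1 answer:

Answer 0: (score: 0)

We ran into a similar problem. You have to register your own WebSecurityConfig, along with your own @ConfigurationProperties, to make this work. The approach is not ideal when it comes to code changes if you change the number of LDAP servers to authenticate against, but that should not be a big problem. Because the credentials are the same for our system, we have only one LDAP setup; maybe you will have to adapt that. But this should give you a hint.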

application.yaml

# Key names must match the field names in SecurityConfigProperties
ldap:
  amLdapUrl: ldaps://us-server
  emeaLdapUrl: ldaps://eu-server
  bindCn: CN=blah,OU=blah,DC=blah,DC=local
  bindPass: my-secret-password

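SecurityConfigProperties

import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;

// Binds the `ldap.*` keys from application.yaml; Lombok's @Data generates the getters and setters.
@Data
@ConfigurationProperties(prefix = "ldap")
public class SecurityConfigProperties {
    private String emeaLdapUrl;
    private String amLdapUrl;
    private int ldapPort;
    private String bindCn;   // bind (manager) DN shared by both servers
    private String bindPass; // bind password shared by both servers
}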

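SecurityConfig

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableConfigurationProperties(SecurityConfigProperties.class) // registers the properties bean so it can be injected
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // Don't hit me for this Oli!
    @Autowired
    private SecurityConfigProperties conf;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder authBuilder) throws Exception {
        authBuilder
            // First LDAP authentication provider: AM directory
            .ldapAuthentication()
            .userSearchFilter("(sAMAccountName={0})")
            .userSearchBase("dc=am,dc=blah,dc=local")
            .groupSearchBase("ou=groups,dc=am,dc=blah,dc=local")
            .groupSearchFilter("member={0}")
            .contextSource()
                .url(conf.getAmLdapUrl())
                .managerDn(conf.getBindCn())
                .managerPassword(conf.getBindPass())
            .and()   // back to the LDAP configurer
            .and()   // back to the AuthenticationManagerBuilder
            // Second LDAP authentication provider: EMEA directory
            .ldapAuthentication()
            .userSearchFilter("(sAMAccountName={0})")
            .userSearchBase("dc=emea,dc=blah,dc=local")
            .groupSearchBase("ou=groups,dc=emea,dc=blah,dc=local")
            .groupSearchFilter("member={0}")
            .contextSource()
                .url(conf.getEmeaLdapUrl())
                .managerDn(conf.getBindCn())
                .managerPassword(conf.getBindPass())
        ;
    }
}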

Hope that helps!
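
An added example, not part of the original question or answer: the `Duplicate key : ldap` error goes away when the servers sit in a YAML list under a single `ldap` key, and registering one LDAP provider per list entry means adding a server needs no code change. The `ldap.servers` layout, the class names `LdapServersProperties` and `MultiLdapSecurityConfig`, and the `LDAP_BIND_PASSWORD` environment variable are assumptions; Lombok and `WebSecurityConfigurerAdapter` are used as in the answer.

```java
// Added example (names, the ldap.servers layout and LDAP_BIND_PASSWORD are assumptions). application.yml:
//   ldap:
//     servers:
//       - url: ldaps://us-server
//         base: dc=am,dc=blah,dc=local
//       - url: ldaps://eu-server
//         base: dc=emea,dc=blah,dc=local
//     bindCn: CN=blah,OU=blah,DC=blah,DC=local
//     bindPass: ${LDAP_BIND_PASSWORD}   # resolved from the environment at startup
import java.util.ArrayList;
import java.util.List;
import lombok.Data;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Data
@ConfigurationProperties(prefix = "ldap")
class LdapServersProperties {
    private List<Server> servers = new ArrayList<>();
    private String bindCn;
    private String bindPass;
    @Data
    public static class Server {
        private String url;   // directory URL
        private String base;  // search base of that directory
    }
}

@Configuration
@EnableConfigurationProperties(LdapServersProperties.class)
public class MultiLdapSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth, LdapServersProperties conf) throws Exception {
        if (conf.getServers().isEmpty()) throw new IllegalStateException("ldap.servers is empty");
        // One LDAP provider per list entry; the ProviderManager tries them in list order.
        for (LdapServersProperties.Server s : conf.getServers()) {
            auth.ldapAuthentication()
                .userSearchFilter("(sAMAccountName={0})")
                .userSearchBase(s.getBase())
                .groupSearchBase("ou=groups," + s.getBase())
                .groupSearchFilter("member={0}")
                .contextSource().url(s.getUrl())
                    .managerDn(conf.getBindCn()).managerPassword(conf.getBindPass());
        }
    }
}
```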