I want to use 2 different LDAP configurations in my application. My file is application.yml:
management:
    context-path: /management
    health:
        mail:
            enabled: false # When using the MailService, configure an SMTP server and set this to true
spring:
    application:
        name: matrice2
    profiles:
        # The commented value for `active` can be replaced with valid spring profiles to load.
        # Otherwise, it will be filled in by maven when building the WAR file
        # Either way, it can be overridden by `--spring.profiles.active` value passed in the commandline or `-Dspring.profiles.active` set in `JAVA_OPTS`
        active: #spring.profiles.active#
    jpa:
        open-in-view: false
        hibernate:
            ddl-auto: none
            naming-strategy: org.springframework.boot.orm.jpa.hibernate.SpringNamingStrategy
    messages:
        basename: i18n/messages
    mvc:
        favicon:
            enabled: false
    thymeleaf:
        mode: XHTML
security:
    basic:
        enabled: false
jhipster:
    async:
        corePoolSize: 2
        maxPoolSize: 50
        queueCapacity: 10000
    mail:
        from: matrice2@localhost
    swagger:
        title: matrice2 API
        description: matrice2 API documentation
        version: 0.0.1
        termsOfServiceUrl:
        contactName:
        contactUrl:
        contactEmail:
        license:
        licenseUrl:
ldap:
    url: ldap://ldap.east.app.company.com:389
    base: DC=west,DC=app,DC=company,DC=com
    manager:
        dn: CN=toto,OU=CDS,OU=Company_Commun,DC=west,DC=app,DC=company,DC=com
        password: toto
    grpAdmin : GRP_PROJECT_ADMIN
    grpUser : GRP_PROJECT_ADMIN
ldap:
    url: ldap://ba-dc1.app.company.com:389
    base: DC=app,DC=company,DC=com
    manager:
        dn: CN=ad_c_s,OU=C_d_S,DC=app,DC=company,DC=com
        password: toto!service
    grpAdmin : GRP_PROJECT_ADMIN
    grpUser : GRP_PROJECT_ADMIN
I get this error:
Exception in thread "restartedMain" java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
Caused by: while parsing MappingNode
 in 'reader', line 14, column 1:
    management:
Duplicate key : ldap in 'reader', line 97, column 1.
Is there a way to have multiple LDAP configurations? Does anyone have an idea?
Thanks
Answer 0 (score: 0)
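We had a similar problem. You have to register your own WebSecurityConfig to make it work, as well as your own @ConfigurationProperties class. The approach is not ideal, because it requires code changes if you change the number of LDAP servers you want to authenticate against, but that shouldn't be a big problem. Because the credentials are the same for our systems, we only have one LDAP setting; maybe you have to adapt that. But this should give you a hint.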
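application.yaml:
ldap:
    # Key names must match the fields of SecurityConfigProperties,
    # otherwise the two URLs are never bound and stay null.
    amLdapUrl: ldaps://us-server
    emeaLdapUrl: ldaps://eu-server
    bindCn: CN=blah,OU=blah,DC=blah,DC=local
    bindPass: my-secret-password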
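SecurityConfigProperties:
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

// Holds the values bound from the "ldap" section of application.yaml.
// @Component registers it as a bean so it can be autowired into SecurityConfig.
@Data
@Component
@ConfigurationProperties(prefix = "ldap")
public class SecurityConfigProperties {
    private String emeaLdapUrl;
    private String amLdapUrl;
    private int ldapPort;
    private String bindCn;
    private String bindPass;
}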
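SecurityConfig:
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    // Don't hit me for this Oli!
    @Autowired
    private SecurityConfigProperties conf;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder authBuilder) throws Exception {
        authBuilder
            // First LDAP server (AM domain)
            .ldapAuthentication()
                .userSearchFilter("(sAMAccountName={0})")
                .userSearchBase("dc=am,dc=blah,dc=local")
                .groupSearchBase("ou=groups,dc=am,dc=blah,dc=local")
                .groupSearchFilter("member={0}")
                .contextSource()
                    .url(conf.getAmLdapUrl())
                    .managerDn(conf.getBindCn())
                    .managerPassword(conf.getBindPass())
                .and()  // back to the LDAP authentication configurer
            .and()      // back to the AuthenticationManagerBuilder
            // Second LDAP server (EMEA domain), tried if the first one does not authenticate the user
            .ldapAuthentication()
                .userSearchFilter("(sAMAccountName={0})")
                .userSearchBase("dc=emea,dc=blah,dc=local")
                .groupSearchBase("ou=groups,dc=emea,dc=blah,dc=local")
                .groupSearchFilter("member={0}")
                .contextSource()
                    .url(conf.getEmeaLdapUrl())
                    .managerDn(conf.getBindCn())
                    .managerPassword(conf.getBindPass())
        ;
    }
}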
Hope that helps!
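
The answer above hard-codes one ldapAuthentication() block per server, so adding a directory means changing code. As an added example (not part of the original answer and not the poster's code), the configuration below binds a YAML list and registers one provider per entry, rejects non-ldaps:// URLs, and takes the bind password from the environment. The `ldap.servers` key layout, the class names `MultiLdapSecurityConfig`, `LdapProperties` and `Server`, and the variable `LDAP_BIND_PASS` are assumptions; it keeps the answer's WebSecurityConfigurerAdapter API and Lombok.

```java
import java.util.ArrayList;
import java.util.List;
import lombok.Data;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
// Expected YAML (key names and the variable name are assumptions of this example):
// ldap:
//     servers:
//         - url: ldaps://us-server
//           userSearchBase: dc=am,dc=blah,dc=local
//           groupSearchBase: ou=groups,dc=am,dc=blah,dc=local
//           bindCn: CN=blah,OU=blah,DC=blah,DC=local
//           bindPass: ${LDAP_BIND_PASS}   # resolved from the environment, not committed
@Configuration
@EnableConfigurationProperties(MultiLdapSecurityConfig.LdapProperties.class)
public class MultiLdapSecurityConfig extends WebSecurityConfigurerAdapter {
    @Data
    @ConfigurationProperties(prefix = "ldap")
    public static class LdapProperties {
        private List<Server> servers = new ArrayList<>(); // one entry per directory
    }
    @Data
    public static class Server {
        private String url, userSearchBase, groupSearchBase, bindCn, bindPass;
    }
    @Autowired
    private LdapProperties conf;
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        if (conf.getServers().isEmpty()) throw new IllegalStateException("ldap.servers is empty");
        for (Server s : conf.getServers()) {
            // Simple binds over ldap:// send passwords in cleartext (assumes StartTLS is not used).
            if (s.getUrl() == null || !s.getUrl().startsWith("ldaps://"))
                throw new IllegalStateException("ldaps:// required, got: " + s.getUrl());
            auth.ldapAuthentication() // each call registers one more LDAP provider
                .userSearchFilter("(sAMAccountName={0})")
                .userSearchBase(s.getUserSearchBase())
                .groupSearchBase(s.getGroupSearchBase())
                .groupSearchFilter("member={0}")
                .contextSource().url(s.getUrl())
                    .managerDn(s.getBindCn())
                    .managerPassword(s.getBindPass());
        }
    }
}
```

Providers are tried in list order, so a login succeeds as soon as one directory authenticates the user.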