我已使用以下配置设置了ldap身份验证。我只需要用户对LDAP数据存储进行身份验证,然后让他们的会话获得身份验证令牌。从阅读文档来看,这就是我认为应该发生的事情:
applicationContextSecurity.xml
<ldap-server id="contextSource"
url="ldap://192.168.0.1:389/DC=cn,DC=bleum,DC=com"
manager-dn="cn=buddy,ou=Neil,OU=Development,OU=Micosoft,DC=cn,DC=Micosoft,DC=com"
manager-password="A,1234567890" />
<authentication-manager alias="authenticationManager" erase-credentials="true">
<!--<authentication-provider user-service-ref="securityManagerSupport"/> -->
<ldap-authentication-provider server-ref="contextSource" role-prefix="none" user-search-filter="(uid={0})"
user-search-base="ou=Neil,OU=Development,OU=Micosoft" user-context-mapper-ref="contextMapper">
</ldap-authentication-provider>
</authentication-manager>
<beans:bean id="contextMapper" class="com.micosoft.neil.security.UserDetailsContextMapperSupport"/>
Error:
[DEBUG,FilterBasedLdapUserSearch] Searching for user 'test', with user search [ searchFilter: '(samaccountname={0})', searchBase: 'dc=company,dc=com', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
[DEBUG,AbstractContextSource] Got Ldap context on server 'ldap://adapps.company.com:389/dc=company,dc=com'
[INFO,SpringSecurityLdapTemplate] Ignoring PartialResultException
[DEBUG,XmlWebApplicationContext] Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@488b5f0b: Principal: test; Password: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: 0718B7EED3F930C63C03DA97C4344CBD; Not granted any authorities]
[DEBUG,UsernamePasswordAuthenticationFilter] Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials
[DEBUG,UsernamePasswordAuthenticationFilter] Updated SecurityContextHolder to contain null Authentication
[DEBUG,UsernamePasswordAuthenticationFilter] Delegating to authentication failure handlerorg.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@395158
[DEBUG,TokenBasedRememberMeServices] Interactive login attempt was unsuccessful.
[DEBUG,TokenBasedRememberMeServices] Cancelling cookie
答案 0 :(得分:0)
从结果看,密码不正确,所以如果您尝试输入错误的用户/密码,那么是的,这就是预期的。
真的不确定你的问题是什么?你期待不同的东西吗?你传递了正确的证件吗?
答案 1 :(得分:0)
我在几乎相同的配置下遇到了同样的错误。我还不能给你答案(抱歉!),但是通过Spring类运行调试器,似乎他们试图将用户输入的密码作为字符串进行比较(并且调试器确认它是正确的密码)从LDAP检索到的密码 - 为空 - 然后失败。