Spring Boot

时间:2017-05-06 05:47:34

标签: spring authentication spring-boot ldap

我想在Spring Boot应用程序中实现LDAP身份验证。我有如下配置类:

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

//@Value("${ad.domain}")
private String AD_DOMAIN;

//@Value("${ad.url}")
private String AD_URL;

WebSecurityConfig() {
    AD_DOMAIN = "domain.com";
    AD_URL = "ldap://URL";
}

@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().fullyAuthenticated().and().formLogin().permitAll().and().logout().permitAll();
}

@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider()).userDetailsService(userDetailsService());
}

@Bean
public AuthenticationManager authenticationManager() {
    return new ProviderManager(Arrays.asList(activeDirectoryLdapAuthenticationProvider()));
}

@Bean
public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
    ActiveDirectoryLdapAuthenticationProvider provider = new ActiveDirectoryLdapAuthenticationProvider(AD_DOMAIN, AD_URL);
    provider.setConvertSubErrorCodesToExceptions(true);
    provider.setUseAuthenticationRequestCredentials(true);
    return provider;
  }
}

控制器:

@Controller
public class HomeController {
@GetMapping("/")
public String index() {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    String user = auth.getName();
    return "Welcome to the home page "+ user;
}

我的pom文件依赖于:

<dependencies>
    <dependency>
        <groupId>org.springframework.ldap</groupId>
        <artifactId>spring-ldap-core</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-ldap</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.projectlombok</groupId>
        <artifactId>lombok</artifactId>
        <optional>true</optional>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-tomcat</artifactId>
        <scope>provided</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
</dependencies>

这里一切正常我正在获取SpringBoot的默认登录页面,身份验证也正常工作。 但是现在我想在我的WebSecurityConfig类中使用自定义登录页面,我已经完成了以下操作:

@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll().and().logout().permitAll();
}

其中/login是我的自定义登录页面。但这不起作用。我认为AuthenticationManager绑定到Spring的默认登录页面。

有人可以建议我,这会有所帮助。感谢

0 个答案:

没有答案