我正在尝试将Angular 2与Spring启动集成。登录页面来自Angular 2服务器,我正在尝试使用Spring登录控制器进行身份验证。似乎没有登录控制器,只有servler - j_spring_security_check。如何在不使用Spring Login页面的情况下编写自定义登录控制器。 此外,我的应用程序正在使用Spring boot中的LDAP。
我的控制器如下
@RestController
public class LoginController {
@Autowired
private AuthenticationManager authenticationManager;
@RequestMapping("/api/login")
public String login(@RequestParam(value="name") String name,@RequestParam(value="password") String password) {
System.out.println("My login controller");
System.out.println("User name is " + name);
System.out.println("Passwird is " + password);
Authentication request = new UsernamePasswordAuthenticationToken(name, password);
Authentication result = authenticationManager.authenticate(request);
System.out.println(result.getPrincipal());
System.out.println(result.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(result);
return "ok";
}
}
My web security config is as below
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
//.antMatchers("/api/**").hasRole("MANAGER")
.antMatchers("/api/login").permitAll()
.anyRequest().fullyAuthenticated();
/*.and()
.formLogin().defaultSuccessUrl("/api");*///.and().exceptionHandling().accessDeniedPage("/404");
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userDnPatterns(new String[]{"uid={0},ou=people"})
.groupSearchBase("ou=groups")
.contextSource(contextSource())
.passwordCompare()
//.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userPassword");
}
@Bean
public DefaultSpringSecurityContextSource contextSource() {
return new DefaultSpringSecurityContextSource(Arrays.asList("ldap://localhost:8389/"), "dc=springframework,dc=org");
}
}