Spring embedded LDAP server is unable to perform the search

Time: 2018-03-23 09:15:51

Tags: spring spring-security spring-security-ldap

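I am getting an error when using the Spring embedded LDAP server.

Your login attempt was not successful, try again.

Reason: [LDAP: error code 32 - Unable to perform the search because base entry 'ou=people,dc=example,dc=com' does not exist in the server.]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - Unable to perform the search because base entry 'ou=people,dc=example,dc=com' does not exist in the server.]; remaining name 'ou=people'

Below is my code: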

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.ldap</groupId>
        <artifactId>spring-ldap-core</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-ldap</artifactId>
    </dependency>

    <dependency>
        <groupId>com.unboundid</groupId>
        <artifactId>unboundid-ldapsdk</artifactId>
    </dependency> <!-- This is the ldap server-->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>

    dn: ou=groups,dc=example,dc=com
    objectclass: top
    objectclass: organizationalUnit
    ou: groups

    dn: ou=people,dc=example,dc=com
    objectclass: top
    objectclass: organizationalUnit
    ou: people

    dn: uid=vandna,ou=people,dc=example,dc=com
    objectclass: top
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetOrgPerson
    cn: vandna bhimjiyani
    sn: bhimjiyani
    uid: vandna
    userPassword: password

    dn: uid=kaushik,ou=people,dc=example,dc=com
    objectclass: top
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetOrgPerson
    cn: kaushik andani
    sn: andani
    uid: kaushik
    userPassword: password

    dn: cn=user,ou=groups,dc=example,dc=com
    objectclass: top
    objectclass: groupOfNames
    cn: user
    uniqueMember: uid=vandna,ou=people,dc=example,dc=com

    dn: cn=admin,ou=groups,dc=nascent,dc=com
    objectclass: top
    objectclass: groupOfNames
    cn: admin
    uniqueMember: uid=kaushik,ou=people,dc=example,dc=com

In WebSecurityConfigurerAdapter:

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.ldapAuthentication()
                .userSearchBase("ou=people")
                .userSearchFilter("(uid={0})")
                .groupSearchBase("ou=groups")
                .groupSearchFilter("(member={0})")
                .contextSource().root("dc=nascent,dc=com")
                .ldif("src/main/resources/users.ldif");
    }

1 answer:

Answer 0: (score: 0)

Added the top entry to the .ldif file:

    dn: dc=example,dc=com
    objectclass: top
    objectclass: domain
    objectclass: extensibleObject
    dc: nascent

Changed the WebSecurityConfigurerAdapter:

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .ldapAuthentication()
                .userDnPatterns("uid={0},ou=people")
                .groupSearchBase("ou=groups")
                .contextSource()
                .url("ldap://localhost:8399/dc=example,dc=com")
                .and()
                .passwordCompare()
                .passwordAttribute("userPassword");
    }

The .ldif file path is set in application.properties:

    spring.ldap.embedded.ldif=classpath:users.ldif
    spring.ldap.embedded.base-dn=dc=example,dc=com
    spring.ldap.embedded.port=8389
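
An added example, not part of the question or the answer above: a small pre-flight check that lists why an LDIF would produce error code 32 for a given base DN (missing root entry, missing parent, entry outside the base, search base not present). The function names and the shortened sample LDIF are assumptions constructed from the DNs quoted in the question.

```python
# Added example (not from the original post). Sample LDIF is constructed from
# the DNs quoted in the question. Assumes plain "dn:" lines (no base64 "dn::",
# no escaped commas inside RDN values).
QUESTION_LDIF = """\
dn: ou=groups,dc=example,dc=com
dn: ou=people,dc=example,dc=com
dn: uid=vandna,ou=people,dc=example,dc=com
dn: cn=admin,ou=groups,dc=nascent,dc=com
"""
# The answer's fix: add the root (top) entry before everything else.
FIXED_LDIF = "dn: dc=example,dc=com\n" + QUESTION_LDIF


def norm(dn):
    """Lower-case a DN and strip whitespace around each component."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def parse_dns(ldif_text):
    """Return the normalized DN of every entry, in file order."""
    return [norm(line.split(":", 1)[1])
            for line in ldif_text.splitlines()
            if line.lower().startswith("dn:")]


def check_ldif(ldif_text, base_dn, search_bases=()):
    """List problems that lead to LDAP error 32 (no such object)."""
    base = norm(base_dn)
    dns = parse_dns(ldif_text)
    present = set(dns)
    problems = []
    if base not in present:
        problems.append(f"missing root entry: {base}")
    for dn in dns:
        if dn == base:
            continue
        if not dn.endswith("," + base):
            problems.append(f"outside base DN: {dn}")
        elif dn.split(",", 1)[1] not in present:
            # A directory server cannot add an entry whose parent is absent.
            problems.append(f"parent entry missing: {dn}")
    for sb in search_bases:
        full = norm(sb + "," + base)
        if full not in present:
            problems.append(f"search base not found: {full}")
    return problems


if __name__ == "__main__":
    for p in check_ldif(QUESTION_LDIF, "dc=example,dc=com", ["ou=people", "ou=groups"]):
        print(p)
```

Run against the fixed LDIF, the only remaining finding is the `cn=admin` group entry, whose DN still sits under `dc=nascent,dc=com`.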