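When trying to connect to a local OpenLDAP server from a Spring Boot application, I cannot log in because of insufficient access rights.
I have searched through many similar questions but could not solve this problem.
Spring Security configuration: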
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth
        .ldapAuthentication()
            .userDnPatterns("uid={0},ou=people")
            .groupSearchBase("ou=people")
            .contextSource()
                .url("ldap://localhost:389/dc=upb,dc=com")
                .and()
            .passwordCompare()
                .passwordEncoder(new LdapShaPasswordEncoder())
                .passwordAttribute("userPassword");
}
Contents of /etc/ldap/slapd.d/cn=config.ldif:
# CRC32 54042221
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/slapd/slapd.args
olcLogLevel: none
olcPidFile: /var/run/slapd/slapd.pid
olcToolThreads: 1
structuralObjectClass: olcGlobal
entryUUID: bc93b032-1b01-1038-87c3-a9a9e7a1db9c
creatorsName: cn=config
createTimestamp: 20180713160124Z
entryCSN: 20180713160124.350902Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20180713160124Z
olcAccess: to *
  by self write
  by anonymous auth
  by dn.base="cn=admin,dc=upb,dc=com" write
  by dn.base="cn=config,dc=upb,dc=com" write
  by dn.base="uid=ben,ou=people,dc=upb,dc=com" write
  by * read
The lines in /usr/share/slapd/slapd.conf that also deal with access rights:
access to attrs=userPassword,shadowLastChange
    by dn="@ADMIN@" write
    by anonymous auth
    by self write
    by * read
access to dn.base="" by * read
access to *
    by dn="@ADMIN@" write
    by cn=admin write
    by uid=ben write
    by * read
I created the content tree from an .ldif file using cn=admin. See my OpenLDAP content structure.
Can anyone help me? Thanks!