我有一个使用LDAP进行身份验证的Spring Boot MVC应用程序。这个工作正常,但是现在我必须匹配经过身份验证的用户(来自LDAP存储库) 来自我数据库中的用户。我创建了LDAPUser:
import java.util.jar.Attributes.Name;
import org.springframework.ldap.odm.annotations.Attribute;
import org.springframework.ldap.odm.annotations.Entry;
import org.springframework.ldap.odm.annotations.Id;
@Entry(
base="ou=users",
objectClasses = { "person", "inetOrgPerson", "top" })
public class LDAPUser {
@Id
private Name id;
private @Attribute(name = "cn") String username;
private @Attribute(name = "sn") String password;
private boolean rememberme;
}
和LDAPUserRepository:
import org.springframework.data.ldap.repository.LdapRepository;
import org.springframework.stereotype.Repository;
import com.licensewatcher.model.LDAPUser;
@Repository("ldapUserRespository")
public interface LDAPUserRepository extends LdapRepository<LDAPUser>{
LDAPUser findByUsername(String username);
LDAPUser findByUsernameAndPassword(String username, String password);
/*List<LDAPUser> findByUsernameLikeIgnoreCase(String username);*/
}
和AuthUserService:
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import com.licensewatcher.repository.LDAPUserRepository;
@Service("authUserService")
public class AuthUserService {
@Autowired LDAPUserRepository ldapUserRespository;
public boolean authenticate(LDAPUser ldapUser) {
//TODO: implement this!!!
return false;
}
public boolean authorize(LDAPUser ldapUser) {
//TODO: implement this!!!
return false;
}
}
WebSecurityConfig类(扩展了WebSecurityConfigurerAdapte)将应用程序配置为提交登录控制器操作:
@PostMapping("/login/check")
public String login(Model model, LDAPUser ldapUser, RedirectAttributes redirectAttr) {
//TODO: call authUserService.authenticate(LDAPUser ldapUser);
return "redirect:/login";
}
我想实现authUserService.authenticate(LDAPUser ldapUser)首先检查LDAPUserRepository,如果存在用户,请从我的数据库中检查User。如果它们匹配,则将用户添加到会话中并重定向到请求的页面。 这是一个好方法吗?您有什么建议可以更优雅地实现吗? 预先感谢!