我的应用程序是用Java和Spring Security构建的。我有两种登录方式:一种是使用Windows登录(即Active Directory),另一种是使用由管理员用户创建的密码。当我通过IntelliJ在本地运行时,这两种方式都有效,但是当我将应用程序部署到服务器后,只有使用Windows登录凭据的人才能登录。如果在线上站点使用自定义登录名登录,登录页面会刷新,并清空已输入的用户名和密码,没有出现任何错误信息。另外,当用户管理员创建自定义登录时,它会存储在SQL表中,并且密码会被哈希处理。因此,创建功能是正常的、用户也存在,只是登录不起作用。不知道可能是什么原因……不知道我应该检查代码还是服务器连接。我使用Tomcat和IIS托管此站点。
Web配置文件
/**
 * Spring Security configuration: form login backed by three authentication
 * providers (two Active Directory domains, then a database-backed "manual"
 * user store), plus URL-level role rules.
 *
 * <p>Both the order of the URL matchers and the order of the authentication
 * providers are significant; keep them as written when editing.
 *
 * <p>NOTE(review): {@code WebSecurityConfigurerAdapter} is deprecated as of
 * Spring Security 5.7 and removed in 6.0, so this class is tied to the 5.x line.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // LDAP URL for the "HG" domain, injected from the ad.hg.url property.
    @Value("${ad.hg.url}")
    private String AD_HG_URL;

    // LDAP URL for the "HEFFGROUP.COM" domain, injected from the ad.hp.nt.url property.
    @Value("${ad.hp.nt.url}")
    private String AD_HP_NT_URL;

    // Also used as the UserDetailsContextMapper of both AD providers (see below).
    @Autowired
    DBAuthorizationFetcher dbAuthorizationFetcher;

    // Looks up administrator-created accounts for the DAO provider.
    @Autowired
    ManualUserDetailsService manualUserDetailsService;

    /**
     * Declares CSRF exemptions, URL authorization rules, form login, the
     * access-denied page and logout handling.
     *
     * @param http the security builder supplied by Spring Security
     * @throws Exception propagated from the Spring Security DSL
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // CSRF protection stays enabled everywhere except /specialSplit/**.
        // NOTE(review): that same path is restricted to OLIDB_ADMIN below, so
        // requests under it are admin-only yet carry no CSRF token check;
        // confirm the exemption is really needed and as narrow as possible.
        http.csrf().ignoringAntMatchers("/specialSplit/**");

        // Matchers are evaluated in declaration order; the first match wins.
        // NOTE(review): /changePassword and /resetPassword are reachable
        // without authentication, so their handlers have to verify the caller
        // themselves (old password, reset token, ...). Not visible here.
        http.authorizeRequests()
            .antMatchers(
                "/css/**", "/js/**", "/images/**", "/login", "/accessDenied",
                "/loginFailed", "/changePassword", "/resetPassword")
            .permitAll()
            .antMatchers(
                "/newClient", "/callLogs/**", "/addClient", "/saveClient",
                "/delete/**", "/save/**", "/specialSplit/**")
            .hasRole("OLIDB_ADMIN")
            .antMatchers("/admin", "/toggle/user/**")
            .hasRole("USER_ADMIN")
            .anyRequest()
            .hasRole("OLIDB_USER");

        // successForwardUrl performs a server-side forward of the login POST
        // to "/", not a redirect.
        // NOTE(review): CustomAuthenticationFailureHandler is not shown here;
        // confirm it logs the AuthenticationException server-side, otherwise a
        // rejected login only shows up as the login page being displayed again.
        http.formLogin()
            .loginPage("/login")
            .failureHandler(new CustomAuthenticationFailureHandler())
            .successForwardUrl("/");

        http.exceptionHandling().accessDeniedPage("/accessDenied");

        // A matcher built from the pattern alone matches every HTTP method,
        // so a plain GET to /logout ends the session.
        http.logout()
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/");
    }

    /**
     * Registers the authentication providers: AD "HEFFGROUP.COM", AD "HG",
     * then the database-backed manual provider.
     *
     * @param authManagerBuilder builder for the application's AuthenticationManager
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
        // ProviderManager consults providers in registration order, so a manual
        // (database) login is first attempted against both AD domains. A
        // BadCredentialsException lets the chain move on to the next provider,
        // whereas an AccountStatusException or InternalAuthenticationServiceException
        // ends the attempt immediately and the manual provider is never reached.
        // NOTE(review): when manual logins fail in one environment only, the
        // exception type recorded by the failure handler shows which provider
        // rejected the request (e.g. an AD connectivity or account-status error
        // versus a password mismatch in the DAO provider).
        authManagerBuilder
            .authenticationProvider(activeDirectoryLdapAuthenticationProvider("HEFFGROUP.COM", AD_HP_NT_URL))
            .authenticationProvider(activeDirectoryLdapAuthenticationProvider("HG", AD_HG_URL))
            .authenticationProvider(manualAuthenticationProvider());
    }

    /**
     * Builds an Active Directory provider for one domain.
     *
     * @param domain the AD domain name
     * @param url the LDAP URL of the domain controller
     * @return the configured provider
     */
    public AuthenticationProvider activeDirectoryLdapAuthenticationProvider(String domain, String url) {
        ActiveDirectoryLdapAuthenticationProvider adProvider =
            new ActiveDirectoryLdapAuthenticationProvider(domain, url);

        // Bind failures for locked, disabled or expired accounts are raised as
        // the matching account-status exceptions rather than a generic
        // BadCredentialsException.
        // NOTE(review): those messages disclose account state if the failure
        // handler echoes them to the login page; verify what it displays.
        adProvider.setConvertSubErrorCodesToExceptions(true);

        // The credentials of the successful token are the ones submitted with
        // the login request rather than anything taken from the mapped user.
        adProvider.setUseAuthenticationRequestCredentials(true);

        // The mapper turns the AD entry into the application's user details;
        // presumably it loads the roles from the database (going by its name;
        // confirm against DBAuthorizationFetcher).
        adProvider.setUserDetailsContextMapper(dbAuthorizationFetcher);
        return adProvider;
    }

    /**
     * Builds the provider for administrator-created accounts: users come from
     * {@code manualUserDetailsService} and passwords are checked with BCrypt.
     *
     * @return the configured DAO provider
     */
    public DaoAuthenticationProvider manualAuthenticationProvider() {
        DaoAuthenticationProvider daoProvider = new DaoAuthenticationProvider();
        daoProvider.setUserDetailsService(manualUserDetailsService);

        // Strength (log rounds) 11. A BCrypt hash carries its own cost factor,
        // so hashes stored with another strength still verify; presumably the
        // account-creation code also hashes with BCrypt (confirm).
        daoProvider.setPasswordEncoder(new BCryptPasswordEncoder(11));
        return daoProvider;
    }
}