带有华夫饼的LDAP SSO

时间:2019-04-29 09:02:47

标签: spring-security spring-security-ldap waffle

我正在使用Spring 5 Web应用程序。

我对Waffle完全陌生 我想使用waffle让用户使用他们的Windows凭据在我的Web应用程序上进行身份验证。 一旦获得用户名,我将进行LDAP搜索。

但是我不确定在哪里可以编写我的自定义代码来获取用户名进行验证?

我尝试使用Spring Security LDAP。但是无法获取窗口用户登录名。 网上有人建议使用华夫饼来获取窗口用户信息

WebSecurityConfig代码

 @Autowired
public WindowsAuthenticationProvider windowsAuthenticationProvider;

@Autowired
private NegotiateSecurityFilter securityFilter;

@Autowired
private NegotiateSecurityFilterEntryPoint authenticationEntryPoint;


@Override
protected void configure(final HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            .anyRequest().authenticated()
        .and()
            .addFilterBefore(this.securityFilter, BasicAuthenticationFilter.class)
            .httpBasic()
            .authenticationEntryPoint(this.authenticationEntryPoint)
        .and()
            .authenticationProvider(windowsAuthenticationProvider) // Set authentication provider here
            .formLogin();
            //.authenticationDetailsSource(waffleAuthenticationDetailsSource);

}

//Waffle Spring Security Beans
@Bean
public WindowsAuthProviderImpl windowsAuthProvider() {
    WindowsAuthProviderImpl waffle = new WindowsAuthProviderImpl();
    return waffle;
}
@Bean
@Autowired
public NegotiateSecurityFilterProvider negotiateSecurityFilterProvider(final WindowsAuthProviderImpl windowsAuthProvider) {

    return new NegotiateSecurityFilterProvider(windowsAuthProvider);
}
@Bean
@Autowired
public SecurityFilterProviderCollection waffleSecurityFilterProviderCollection(final NegotiateSecurityFilterProvider negotiateSecurityFilterProvider) {

    final List<SecurityFilterProvider> securityFilterProviders = new ArrayList<SecurityFilterProvider>();
    securityFilterProviders.add(negotiateSecurityFilterProvider);
    return new SecurityFilterProviderCollection(securityFilterProviders.toArray(new SecurityFilterProvider[]{}));
}
@Bean
@Autowired
public NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint(final SecurityFilterProviderCollection securityFilterProviderCollection) {
    final NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint = new NegotiateSecurityFilterEntryPoint();
    negotiateSecurityFilterEntryPoint.setProvider(securityFilterProviderCollection);
    return negotiateSecurityFilterEntryPoint;
}
@Bean
@Autowired
public NegotiateSecurityFilter waffleNegotiateSecurityFilter(final SecurityFilterProviderCollection securityFilterProviderCollection) {
    final NegotiateSecurityFilter negotiateSecurityFilter = new NegotiateSecurityFilter();
    negotiateSecurityFilter.setProvider(securityFilterProviderCollection);
    return negotiateSecurityFilter;
}

@Bean
@Autowired
public WindowsAuthenticationProvider windowsAuthenticationProvider(final WindowsAuthProviderImpl windowsAuthProvider) {

    WindowsAuthenticationProvider provider = new WindowsAuthenticationProvider();

    provider.setAuthProvider(windowsAuthProvider);
    return provider;
}

xml 

<http use-expressions="true">
    <intercept-url pattern="/**" access="isAuthenticated()" />
    <custom-filter ref="waffleNegotiateSecurityFilter" position="BASIC_AUTH_FILTER" />
    <http-basic />
</http>

<beans:bean id="waffleNegotiateSecurityFilter" class="waffle.spring.NegotiateSecurityFilter">
    <beans:property name="Provider" ref="waffleSecurityFilterProviderCollection" />
</beans:bean>

<authentication-manager>
    <authentication-provider ref="customAuthenticationProvider" />
</authentication-manager>

<beans:bean id="customAuthenticationProvider" class="sunrise.crm.webapp.common.security.CustomAuthenticationProvider">
    <!-- <beans:property name="userDetailsService" ref="userDetailsService" /> -->
</beans:bean>

<beans:bean id="waffleWindowsAuthProvider" class="waffle.windows.auth.impl.WindowsAuthProviderImpl" />

<beans:bean id="negotiateSecurityFilterProvider" class="waffle.servlet.spi.NegotiateSecurityFilterProvider">
    <beans:constructor-arg ref="waffleWindowsAuthProvider" />
</beans:bean>

<beans:bean id="basicSecurityFilterProvider" class="waffle.servlet.spi.BasicSecurityFilterProvider">
    <beans:constructor-arg ref="waffleWindowsAuthProvider" />
</beans:bean>

<beans:bean id="waffleSecurityFilterProviderCollection" class="waffle.servlet.spi.SecurityFilterProviderCollection">
    <beans:constructor-arg>
        <beans:list>
            <beans:ref bean="negotiateSecurityFilterProvider" />               
            <beans:ref bean="basicSecurityFilterProvider" />               
        </beans:list>
    </beans:constructor-arg>
</beans:bean>

0 个答案:

没有答案
相关问题
最新问题