How to configure LDAP in Spring 4.0

Time: 2019-10-18 07:45:54

Tags: spring-mvc spring-security spring-security-ldap

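I am having problems authenticating with OpenLDAP, and I don't know how to configure Spring Security LDAP with Spring version 4.0.0. Please provide a sample for reference.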

<beans:bean id="contextSource"
    class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <beans:constructor-arg
        value="ldap://localhost:389/dc=test,dc=com" />
</beans:bean>
<security:ldap-server id="contextSource"
    url="ldap://localhost:389/dc=test,dc=com" />


<beans:bean id="authMgr"
    class="org.springframework.security.authentication.ProviderManager">
    <beans:constructor-arg>
        <beans:list>
            <beans:bean id="ldapAuthProvider"
                class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
                <beans:constructor-arg>
                    <beans:bean
                        class="org.springframework.security.ldap.authentication.BindAuthenticator">
                        <beans:constructor-arg ref="contextSource" />
                        <beans:property name="userDnPatterns">
                            <beans:list>
                                <beans:value>uid={0},ou=users</beans:value>
                            </beans:list>
                        </beans:property>
                    </beans:bean>
                </beans:constructor-arg>
            </beans:bean>
        </beans:list>
    </beans:constructor-arg>
</beans:bean>
<security:authentication-manager>
    <security:ldap-authentication-provider
        server-ref="contextSource" user-search-base="ou=users"
        user-search-filter="(uid={0})" group-search-filter="ou=groups">
        <security:password-compare hash="{sha}"
            password-attribute="userPassword" />
    </security:ldap-authentication-provider>
</security:authentication-manager>

1 answer:

Answer 0 (score: 0)

Spring Security 4.0 LDAP Reference

The LDAP best practice is to search for the entry's DN, so configure

    <bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
      <constructor-arg index="0" value=""/>
      <constructor-arg index="1" value="(uid={0})"/>
      <constructor-arg index="2" ref="contextSource" />
    </bean>

Usually, the naming attribute of LDAP static group entries is cn, so configure

<bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
    <constructor-arg ref="contextSource"/>
    <constructor-arg value="ou=groups"/>
    <property name="groupRoleAttribute" value="cn"/>
</bean>

instead of the example shown in the guide.
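
The two beans from the answer wired into one complete provider, as an added example (not part of the original answer or of the Spring reference). The service-account DN and password are placeholder assumptions; the URL and the `ou=groups` base are the ones used in the question.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="
         http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

  <!-- Single context source shared by the user search, the bind and the group lookup -->
  <bean id="contextSource"
        class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <constructor-arg value="ldap://localhost:389/dc=test,dc=com"/>
    <!-- Assumed service account for the search; placeholders, not values from the page -->
    <property name="userDn" value="cn=manager,dc=test,dc=com"/>
    <property name="password" value="CHANGE_ME"/>
  </bean>

  <!-- Locate the user's DN by filter, searching from the base DN given in the URL -->
  <bean id="userSearch"
        class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
    <constructor-arg index="0" value=""/>
    <constructor-arg index="1" value="(uid={0})"/>
    <constructor-arg index="2" ref="contextSource"/>
  </bean>

  <bean id="ldapAuthProvider"
        class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
    <constructor-arg>
      <!-- Bind as the DN that was found, using the submitted password; no password-compare step -->
      <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
        <constructor-arg ref="contextSource"/>
        <property name="userSearch" ref="userSearch"/>
      </bean>
    </constructor-arg>
    <constructor-arg>
      <!-- Role names are taken from the cn of each group entry under ou=groups -->
      <bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
        <constructor-arg ref="contextSource"/>
        <constructor-arg value="ou=groups"/>
        <property name="groupRoleAttribute" value="cn"/>
      </bean>
    </constructor-arg>
  </bean>

  <security:authentication-manager>
    <security:authentication-provider ref="ldapAuthProvider"/>
  </security:authentication-manager>
</beans>
```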