Question

我目前正尝试设置ApacheDS实例来测试SASL机制。

那些设法让ApacheDS中的SASL工作的人？

我正在寻找ApacheDS 1.5.7的工作设置说明，并确认这在实践中有效......

Answer 1

1.5.7支持SASL，但我建议你试用最新版本的2.0 M2。（1.5.7很老，如果出现一些问题我们可能不会支持你）

Answer 2

我做了一个测试Spring App以便对用户进行身份验证..我不确定这是否是你想要的，但我还是会发布解决方案。（这篇文章有点晚了......但是）

就像我说的那样，我使用了spring，spring security和apacheDS。

弹簧security.xml文件

    <!-- This is where we configure Spring-Security  -->
    <security:http auto-config="true" use-expressions="true" access-denied-page="/app/denied" >

        <security:intercept-url pattern="/app/login" access="permitAll"/>
        <security:intercept-url pattern="/app/admin" access="hasRole('ROLE_ADMIN')"/>
        <security:intercept-url pattern="/app/common" access="hasRole('ROLE_USER')"/>

        <security:form-login
                login-page="/app/login" 
                authentication-failure-url="/app/login?error=true" 
                default-target-url="/app/common"/>

        <security:logout 
                invalidate-session="true" 
                logout-success-url="/app/login" 
                logout-url="/app/logout"/>

    </security:http>

    <security:authentication-manager>
            <security:ldap-authentication-provider  
                    user-search-filter="(uid={0})" 
                    user-search-base="ou=users"
                    group-search-filter="(uniqueMember={0})"
                    group-search-base="ou=groups"
                    group-role-attribute="cn"
                    role-prefix="ROLE_">
            </security:ldap-authentication-provider>
    </security:authentication-manager>

    <security:ldap-server url="ldap://localhost:10389/o=test" manager-dn="uid=admin,ou=system" manager-password="secret" />

</beans>

这是wep.xml

<web-app version="2.5"
         xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
    <display-name>Getting Started with Spring</display-name>

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
        /WEB-INF/spring-security.xml
        /WEB-INF/applicationContext.xml
        <!-- /WEB-INF/spring-ldap.xml-->
        </param-value>
    </context-param>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <servlet>
        <servlet-name>Spring MVC Servlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring-mvc-context.xml</param-value>
        </init-param>
    </servlet>

    <servlet-mapping>
        <servlet-name>Spring MVC Servlet</servlet-name>
        <url-pattern>/app/*</url-pattern>
    </servlet-mapping>

    <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
            <filter-name>springSecurityFilterChain</filter-name>
            <url-pattern>/*</url-pattern>
    </filter-mapping>

</web-app>

在apache DS中，我创建了一个简单的用户和用户组（admin / user）结构。

就是这样！如果你不理解代码中的某些内容，请告诉我，我会尽力帮助..

ApacheDS 1.5.7 - SASL配置

2 个答案: