使用jdbcAuthentification和AD身份验证的多重身份验证

时间:2020-07-24 11:41:00

标签: java spring-boot spring-security-oauth2

我再次需要您的帮助。我需要通过JDBC或AD对我的应用程序进行身份验证,但它必须可以正常工作。例如,当我尝试使用JDBC用户进行身份验证时,我的程序必须与数据库中的用户建立连接,但是当我放置AD登录名时,它必须与AD用户建立连接。

这是我的代码,但是当我有以下要连接到JDBC的order(1)代码时,我只能与JDBC连接,并且当我有创建authentificationProvider的代码时,我可以在使用AD登录时登录。 

@Configuration
@EnableWebSecurity
public class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private ClientDetailsService clientDetailsService;

    @Autowired
    private DataSource primaryDataSource;

    // @Autowired
    // private AuthenticationProvider authenticationProvider;

    // @Autowired
    // private AuthenticationProvider authenticationProviderAD;

    @Value("${security.authentication.provider}")
    private String authProvider;

    @Value("${ad.domain:#{null}}")
    private String adDomain;

    // TODO shift system like configuration into java, and no system like
    // configuration make it optional
    @Value("${ad.url:#{null}}")
    private String adUrl;

    @Override
    @Order(1)
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
   RecursiveAdProvider adProvider = new RecursiveAdProvider(adDomain, adUrl);
    adProvider.setConvertSubErrorCodesToExceptions(true);
    adProvider.setUseAuthenticationRequestCredentials(true);
    auth.authenticationProvider(adProvider);
    auth.eraseCredentials(false);
    }

    @Order(2)
    protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication().dataSource(primaryDataSource)
                .usersByUsernameQuery("select username, password, enabled from users where username=?")
                .authoritiesByUsernameQuery(
                        "select username, authority from user_authority JOIN authorities ON user_authority.authority_id = authorities.id where username=?")
                .passwordEncoder(new BCryptPasswordEncoder());
    }



    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().anonymous().disable().authorizeRequests().antMatchers("/oauth/token").permitAll();
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    public TokenStore tokenStore() {
        return new InMemoryTokenStore();
    }

    @Bean
    @Autowired
    public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore) {
        TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler();
        handler.setTokenStore(tokenStore);
        handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));
        handler.setClientDetailsService(clientDetailsService);
        return handler;
    }

    @Bean
    @Autowired
    public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
        TokenApprovalStore store = new TokenApprovalStore();
        store.setTokenStore(tokenStore);
        return store;
    }}

你能帮我吗?

0 个答案:

没有答案
相关问题
最新问题