如何将spring安全性从ldap改为ldap starttls

时间:2011-12-23 13:33:43

标签: spring spring-security ldap spring-ldap

如何将spring安全性从ldap更改为ldap starttls。

我正在使用Spring Security和LDAP在Springs编写一个项目。我把一切都运行得很好然后管理员用starttls把它改成了ldap。有人可以告诉我如何更新我的xml文件以使我的项目再次运行。

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:jdbc="http://www.springframework.org/schema/jdbc"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
           http://www.springframework.org/schema/jdbc
           http://www.springframework.org/schema/jdbc/spring-jdbc-3.0.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.0.xsd"
    xmlns="http://www.springframework.org/schema/security" >

    <http
        auto-config="true"
        use-expressions="true" >

        <intercept-url
            access="hasRole('ROLE_MEMBER_INQUIRY')"
            pattern="/requests/**" />

    </http>

    <authentication-manager >

        <ldap-authentication-provider
            user-search-base="ou=webusers"
            user-search-filter="(uid={0})" >

            <password-compare >

                <password-encoder ref="passwordEncoder" >
                </password-encoder>
            </password-compare>
        </ldap-authentication-provider>
    </authentication-manager>

    <beans:bean
        id="passwordEncoder"
        class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" >
    </beans:bean>

    <beans:bean
        id="contextSource"
        class="org.springframework.security.ldap.DefaultSpringSecurityContextSource" >

        <beans:constructor-arg value="ldap://10.52.208.228:389/dc=xxxxx,dc=dev" />

        <beans:property
            name="userDn"
            value="cn=Manager,dc=xxxxx,dc=dev" />

        <beans:property
            name="password"
            value="secret" />
    </beans:bean>

    <beans:bean
        id="ldapAuthProvider"
        class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider" >

        <beans:constructor-arg >

            <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator" >

                <beans:constructor-arg ref="contextSource" />

                <beans:property name="userDnPatterns" >

                    <beans:list >

                        <beans:value >

uid={0},ou=webusers

                        </beans:value>
                    </beans:list>
                </beans:property>
            </beans:bean>
        </beans:constructor-arg>

        <beans:constructor-arg >

            <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator" >

                <beans:constructor-arg ref="contextSource" />

                <beans:constructor-arg value="ou=groups" />

                <beans:property
                    name="groupRoleAttribute"
                    value="ou" />
            </beans:bean>
        </beans:constructor-arg>
    </beans:bean>

    <ldap-server url="ldap://10.52.208.228:389/dc=xxxxx,dc=dev" />

    <beans:bean
        id="propertyConfigurer"
        class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" >

        <beans:property
            name="location"
            value="classpath:jdbc.properties" />
    </beans:bean>

    <beans:bean
        id="dataSource"
        class="org.apache.commons.dbcp.BasicDataSource" >

        <beans:property
            name="driverClassName"
            value="${database.driver}" />

        <beans:property
            name="url"
            value="${database.url}" />

        <beans:property
            name="username"
            value="${database.user}" />

        <beans:property
            name="password"
            value="${database.password}" />

        <beans:property
            name="initialSize"
            value="5" />

        <beans:property
            name="maxActive"
            value="10" />
    </beans:bean>

</beans:beans>

1 个答案:

答案 0 :(得分:3)

您需要在配置中为ContextSource提供DirContextAuthenticationStrategy实现。

请参阅: http://static.springsource.org/spring-ldap/site/reference/html/configuration.html