Spring Security LDAP 登录错误凭据
Posted
技术标签:
【中文标题】Spring Security LDAP 登录错误凭据【英文标题】:Spring Security LDAP Login Bad Credentials 【发布时间】:2017-11-02 12:36:46 【问题描述】:我正在尝试使用 spring security 连接 LDAP,但它总是显示错误的凭据问题。我认为我的代码可能有问题:
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter
@Override
public void configure(WebSecurity web) throws Exception
web.debug(true);
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
auth.ldapAuthentication().userDnPatterns("sAMAccountName=0,OU=SupportUsers,OU=Users,OU=company,DC=ad,DC=company,DC=com,DC=pl")
.contextSource(contextSource()).passwordCompare().passwordAttribute("userPassword");
protected void configure(HttpSecurity http) throws Exception
http
.authorizeRequests()
.anyRequest().fullyAuthenticated()
.and()
.formLogin();
http.csrf().disable(); //Vaadin already have built in csrf
@Bean
public LdapContextSource contextSource ()
LdapContextSource contextSource= new LdapContextSource();
contextSource.setUrl("ldap://192.168.2.2:389");
contextSource.setBase("dc=ad,dc=company,dc=com,dc=pl");
contextSource.setUserDn("CN=lister,OU=SupportUsers,OU=Users,OU=company,DC=ad,DC=company,DC=com,DC=pl");
contextSource.setPassword("examplePassword");
contextSource.setAnonymousReadOnly(false);
contextSource.setPooled(true);
contextSource.afterPropertiesSet();
return contextSource;
我在代码中找不到错误,可能是我以错误的方式做某事。这是我的 pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>pl.com.company</groupId>
<artifactId>LDAPSpringInitializr</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>LDAPSpringInitializr</name>
<description>Demo project for Spring Boot</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.3.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<vaadin.version>8.0.5</vaadin.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-ldap</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>vaadin-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>vaadin-bom</artifactId>
<version>$vaadin.version</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
我是不是做错了什么?也许密码编码有问题?问候,拉法乌
【问题讨论】:
【参考方案1】:public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
auth.ldapAuthentication().userSearchFilter("(sAMAccountName=0)")
.contextSource(contextSource());
它有效,我刚刚改变了那个方法。
【讨论】:
非常感谢兄弟,我被困了好几个小时 伙计,我这两天卡住了,不是开玩笑的。这救了我的命:)以上是关于Spring Security LDAP 登录错误凭据的主要内容,如果未能解决你的问题,请参考以下文章
使用 Spring Security 通过 MySQL-LDAP-Thymeleaf 登录
使用 spring security ldap 禁用基本身份验证
如何使用 ldap 和 spring security 从登录的用户那里获取电子邮件