使用Spring Security 4的自定义LDAP身份验证 [英] Custom LDAP authentication using Spring Security 4

问题描述

在我的非Spring Security应用程序中，我们使用LDAP通过使用用户名和密码连接到LDAP服务器来对用户进行身份验证.如果连接成功，则对用户进行身份验证，并从LDAP中获取其详细信息.以下是该代码:

In my non Spring Security application, we used LDAP to authenticate users by connecting to the LDAP server using his ID and password. If the connection was successful, then the user was authenticated and his details were gotten from LDAP. Below is the code for that:

private void getLdapConnection(UserSignInObject userSignInObject) {
    LdapContextSource ctxSrc = new LdapContextSource();
    ctxSrc.setUrl("ldap://mjkoldc-03.red.com");
    ctxSrc.setUserDn("mj\\" + userSignInObject.getEmail());
    ctxSrc.setPassword(userSignInObject.getPassword());
    ctxSrc.setReferral("follow");
    ctxSrc.afterPropertiesSet();    
    LdapTemplate tmpl = new LdapTemplate(ctxSrc);
    setLdapTemplate(tmpl);
}

@Override
public DefaultUserObject selectUserDetailsFromLdap(
        UserSignInObject userSignInObject) throws Exception {
    DefaultUserObject user = new DefaultUserObject();
    try {
        getLdapConnection(userSignInObject);
        LdapQuery query = query().base("dc=metaljunction,dc=com")
            .attributes("GivenName", "sn", "mail", "MobilePhone")
            .where("ObjectClass").is("user").and("SamAccountName")
            .is(userSignInObject.getEmail());
        user = ldapTemplate.searchForObject(query,
            new ContextMapper<DefaultUserObject>() {
            @Override
            public DefaultUserObject mapFromContext(Object ctx)
                throws NamingException {
                DirContextAdapter context = (DirContextAdapter) ctx;
                DefaultUserObject user = new DefaultUserObject();
                user.setFirstName(context
                    .getStringAttribute("GivenName"));
                user.setLastName(context.getStringAttribute("sn"));
                user.setEmail(context.getStringAttribute("mail"));
                user.setPhone(context
                    .getStringAttribute("MobilePhone"));
                return user;
            }
            });
    } catch (Exception e) {
        e.printStackTrace();
    }
    return user;
}

需求是在Spring Security 4中实现相同的逻辑.我想将详细信息保存在Authentication和UserDetails对象中.我该怎么做?我正在使用基于Java的配置.这是验证用户身份的唯一方法.

The requirement is to implement the same logic in Spring Security 4. I want to save the details in the Authentication and UserDetails objects. How do I do it? I am using Java based config. This is the only way to authenticate the user.

推荐答案

您需要实现自己的AuthenticationProvider(即，一个实现org.springframework.security.authentication.AuthenticationProvider的类)，并将Spring Security配置为使用它. 看看这个:在Spring Security 2.06中实现自定义AuthenticationProvider

You need to implement your own AuthenticationProvider (i.e. a class implementing org.springframework.security.authentication.AuthenticationProvider) and configure Spring Security to use it. Give a look to this: Implement custom AuthenticationProvider in Spring Security 2.06

这篇关于使用Spring Security 4的自定义LDAP身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！