Spring 安全 - 特定用户 [英] Spring security - specific users

问题描述

我使用 ldap 来验证请求.

I am using ldap for authentication of requests.

我通过扩展 WebSecurityConfigurerAdapter 并覆盖 configure(HttpSecurity) 和 configure(AuthenticationManagerBuilder) 方法进行了配置.

I have configured by extending WebSecurityConfigurerAdapter and overriding configure(HttpSecurity) and configure(AuthenticationManagerBuilder) methods.

凭据将使用 ldap 进行验证，除此之外，我需要维护一个静态列表，其中包含允许访问的特定用户名.

The credentials will be verified using ldap and on top of that, I need to maintain a static list that contains specific usernames to be allowed to access.

任何人都可以帮助用户名验证部分 - 我是否需要编写 AuthenticationProvider 的扩展来验证凭据并检查用户名?仅通过配置，我就能处理凭据验证.

Can anyone help with the usernames validation part - do I need to write an extension of AuthenticationProvider to validate credentials and check for username? Just by configurations, I am able to take care of credentials verification.

推荐答案

我是否需要编写 AuthenticationProvider 的扩展来验证凭据并检查用户名

do I need to write an extension of AuthenticationProvider to validate credentials and check for username

是的.您需要有两个不同的身份验证提供程序.一个用于验证 LDAP 用户的凭据，另一个用于静态用户列表.

Yes. You need to have two different authentication provider. One to validate LDAP user's credential and other for static user list.

因此，您的 configure 方法如下所示，

So, your configure method looks similar like below,

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.authenticationProvider(LDAPProvider);
    auth.authenticationProvider(StaticUserProvider);
}

在这里，订单很重要，因为用户的凭据将根据上述提供程序的顺序进行验证.即首先使用 LDAPProvider，然后使用 StaticUserProvider.

Here, an order is important because, user's credentials would validate according to above mentioned provider order.i.e first with LDAPProvider then with StaticUserProvider.

这篇关于Spring 安全 - 特定用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！