如何在 Grails 上使用 LDAP 插件? [英] How to use LDAP plugin on Grails?
问题描述
我正在开始一个关于 Groovy 和 Grails 的新项目.我现在正在处理身份验证部分,因为我们有一个 LDAP 服务器,所以我想使用 LDAP 进行身份验证.我开始设置我的环境,我正在使用 SpringSource Tool Suite 和 Grails 1.3.5.当我开始使用身份验证部分时,我安装了两个插件:
- springSecurityCore - 1.0.1
- springSecurityLdap - 1.0.1
我还为 LDAP 插件运行了s2 quickstart"命令.
一切看起来都很棒,我可以使用 LoginController 和 LogoutController,我能够保护网页,以便只有在登录时才能看到它.我通过在 BootStrap.groovy 创建一个用户来做到这一点
我还在 Config.groovy 中使用我们的 LDAP 服务器的相应值配置了所有 LDAP 和 Spring Security Core 参数:
grails.plugins.springsecurity.ldap.context.managerDngrails.plugins.springsecurity.ldap.context.managerPasswordgrails.plugins.springsecurity.ldap.context.servergrails.plugins.springsecurity.ldap.authorities.groupSearchBasegrails.plugins.springsecurity.ldap.search.basegrails.plugins.springsecurity.userLookup.userDomainClassNamegrails.plugins.springsecurity.userLookup.authorityJoinClassNamegrails.plugins.springsecurity.authority.className但是,我不知道如何测试是否正在使用 LDAP 服务器完成身份验证.我确定它没有使用 LDAP 完成,因为当我在应用程序运行时进入登录框并尝试使用我通常用于 LDAP 服务器的用户名和密码进行身份验证时,它说它找不到用户.如果我尝试使用在 BootStrap.groovy 上创建的用户进行身份验证,我可以登录,但我猜该用户只是在本地创建的,而且是暂时的.
- 如何将身份验证提供程序设置为 LDAP 服务器?
- 在运行s2 quickstart"后安装安全核心和 ldap 插件后我还需要做什么?
Groovy 和 Grails 的那个东西在后台做了很多事情,以至于一开始很难理解在哪里配置所有东西.
提前感谢您的帮助
我一直在寻找有关如何使用这些插件的信息,但我没有找到任何有据可查的信息,我找到了有关 Acegi 的信息,但不支持该插件再说了,这就是我在这里问的原因
阅读此内容(我会看看是否可以使用 LDAP):http://blog.springsource.com/2010/08/11/simplified-spring-security-with-grails/
1.如何将身份验证提供者设置为LDAP服务器?
我很确定这是激活 LDAP 身份验证的 Config.groovy 条目.
grails.plugins.springsecurity.providerNames = ['ldapAuthProvider','anonymousAuthenticationProvider','rememberMeAuthenticationProvider']<块引用>
2.运行s2 quickstart"后安装安全核心和ldap插件后我还需要做什么?
我发现这个讨论很有帮助:CustomUserDetailsService.结果是这个方法在 UserDetailsContextMapper 的扩展中:
UserDetails mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx,java.lang.String 用户名,java.util.Collection<GrantedAuthority>权威) {User.withTransaction { 状态 ->def user = getUser(ctx)//创建并保存一个 MyUser 域类实例def userDetails = new MyUserDetails(用户名,权限?:NO_ROLES,用户身份,用户名,用户.mail)userDetails.fullname = 用户名userDetails.email = user.mail返回用户详情}}而且我认为这个 resources.groovy 条目是必要的:
beans = {ldapUserDetailsMapper(MyUserDetailsContextMapper) {}I'm starting a new project on Groovy and Grails. I'm now working on the authentication part and as we have an LDAP server I want to work the authentication using LDAP. I began setting my environment, I'm using SpringSource Tool Suite and Grails 1.3.5. When I started working with the authentication part I installed two plugins:
- springSecurityCore - 1.0.1
- springSecurityLdap - 1.0.1
I also ran the "s2 quickstart" command for the LDAP plugin.
Everything looks great, I can use the LoginController and the LogoutController, I'm able to secure a web page so that it can only be seen when logged in. I'm doing this by creating a user at the BootStrap.groovy
I also configured all the LDAP and Spring Security Core parameters at Config.groovy with the corresponding values of our LDAP server:
grails.plugins.springsecurity.ldap.context.managerDn
grails.plugins.springsecurity.ldap.context.managerPassword
grails.plugins.springsecurity.ldap.context.server
grails.plugins.springsecurity.ldap.authorities.groupSearchBase
grails.plugins.springsecurity.ldap.search.base
grails.plugins.springsecurity.userLookup.userDomainClassName
grails.plugins.springsecurity.userLookup.authorityJoinClassName
grails.plugins.springsecurity.authority.className
However, I don't know how to test that the authentication is being done with the LDAP server. I'm sure it's not being done with LDAP because when I go to the Login box when the application is running and I try to authenticate with my username and password that I normally use for the LDAP server it says that it can't find that user. If I try to authenticate with the user I created on BootStrap.groovy I'm able to login but I guess that user is being created locally only and it's transient.
- How can I set the authentication provider to be the LDAP server?
- What else do I have to do after installing the security core and ldap plugins after running the "s2 quickstart"?
That thing of Groovy and Grails makes so many things on the background that at the beggining is difficult to understand where to configure everything.
Thanks in advance for your help
EDIT: I've been looking for information on how to use those plugins but I haven't found anything that is well documented, I've found information regarding Acegi but that plugin is not supported anymore, that's why I'm asking here
EDIT: Reading this (I'll see if achieve to use LDAP): http://blog.springsource.com/2010/08/11/simplified-spring-security-with-grails/
1.How can I set the authentication provider to be the LDAP server?
I am fairly sure this is the Config.groovy entry that activates LDAP authentication.
grails.plugins.springsecurity.providerNames = ['ldapAuthProvider',
'anonymousAuthenticationProvider',
'rememberMeAuthenticationProvider']
2.What else do I have to do after installing the security core and ldap plugins after running the "s2 quickstart"?
I found this discussion very helpful: CustomUserDetailsService. The result was this method in an extension of UserDetailsContextMapper:
UserDetails mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx,
java.lang.String username,
java.util.Collection<GrantedAuthority> authority) {
User.withTransaction { status ->
def user = getUser(ctx) // Creates and saves a MyUser domain class instance
def userDetails = new MyUserDetails(
username,
authority ?: NO_ROLES,
user.id,
user.name,
user.mail)
userDetails.fullname = user.name
userDetails.email = user.mail
return userDetails
}
}
And I think this resources.groovy entry was necessary:
beans = {
ldapUserDetailsMapper(MyUserDetailsContextMapper) {
}
这篇关于如何在 Grails 上使用 LDAP 插件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
