如何在Grails上使用LDAP插件? [英] How to use LDAP plugin on Grails?
问题描述
我正在开始一个关于Groovy和Grails的新项目。我现在正在开发身份验证部分,因为我们有一个LDAP服务器,我想使用LDAP进行身份验证。我开始设置环境,使用SpringSource Tool Suite和 Grails 1.3.5 。当我开始使用认证部分时,我安装了两个插件:
$ b
- springSecurityCore - 1.0.1
- springSecurityLdap - 1.0.1
我还运行LDAP插件的s2 quickstart命令。
一切看起来都很棒,我可以使用LoginController和LogoutController,我可以保护一个网页,以便它只能在登录时看到。我通过创建一个用户在BootStrap.groovy
我还在Config.groovy中配置了所有LDAP和Spring Security Core参数以及我们的LDAP服务器的相应值:
grails.plugins.springsecurity.ldap.context.managerDn
grails.plugins.springsecurity.ldap.context.managerPassword
grails。 plugins.springsecurity.ldap.context.server
grails.plugins.springsecurity.ldap.authorities.groupSearchBase
grails.plugins.springsecurity.ldap.search.base
grails.p lugins.springsecurity.userLookup.userDomainClassName
grails.plugins.springsecurity.userLookup.authorityJoinClassName
grails.plugins.springsecurity.authority.className
但是,我不知道如何测试LDAP服务器的身份验证。我确定它没有使用LDAP,因为当我在应用程序运行时转到登录框并尝试使用我通常用于LDAP服务器的用户名和密码进行身份验证时,它说它无法找到用户。如果我尝试使用在BootStrap.groovy上创建的用户进行身份验证,我可以登录,但我猜这个用户只能在本地创建,并且是暂时的。
- 如何将身份验证提供程序设置为LDAP服务器?
- 在运行s2后安装安全核心和ldap插件后还需要做什么快速启动?
Groovy和Grails在背景上做了很多事情,以至于在开始时很难理解在哪里配置所有事情。
预先感谢您的帮助
编辑:一直在寻找关于如何使用这些插件的信息,但我没有发现任何有据可查的信息,我找到了有关Acegi的信息,但该插件不再支持,这就是为什么我在这里问的原因。
编辑:阅读本文(我会看看是否实现使用LDAP): http://blog.springsource.com/2010/08/11/simplified-spring-security -with-grails /
1.如何设置身份验证提供程序成为LDAP服务器?
我确信这是激活LDAP身份验证的Config.groovy条目。 b
$ b
grails.plugins.springsecurity.providerNames = ['ldapAuthProvider',
'anonymousAuthenticationProvider',
'rememberMeAuthenticationProvider']
2.安装安全核心和ldap后还需要做什么运行s2 quickstart后的插件?
我发现这个讨论非常有帮助: CustomUserDetailsService 。结果是这个方法在UserDetailsContextMapper的扩展中:
UserDetails mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx,
java.lang.String username,
java.util.Collection< GrantedAuthority> authority){
User.withTransaction {status - >
def user = getUser(ctx)//创建并保存MyUser域类实例
$ b def userDetails = new MyUserDetails(
username,
权限?:NO_ROLES,
user.id,
user.name,
user.mail)
userDetails.fullname = user.name
userDetails.email = user.mail
return userDetails
}
}
我认为这个resources.groovy条目是必要的:
beans = {
ldapUserDetailsMapper(MyUserDetailsContextMapper){
}
I'm starting a new project on Groovy and Grails. I'm now working on the authentication part and as we have an LDAP server I want to work the authentication using LDAP. I began setting my environment, I'm using SpringSource Tool Suite and Grails 1.3.5. When I started working with the authentication part I installed two plugins:
- springSecurityCore - 1.0.1
- springSecurityLdap - 1.0.1
I also ran the "s2 quickstart" command for the LDAP plugin.
Everything looks great, I can use the LoginController and the LogoutController, I'm able to secure a web page so that it can only be seen when logged in. I'm doing this by creating a user at the BootStrap.groovy
I also configured all the LDAP and Spring Security Core parameters at Config.groovy with the corresponding values of our LDAP server:
grails.plugins.springsecurity.ldap.context.managerDn
grails.plugins.springsecurity.ldap.context.managerPassword
grails.plugins.springsecurity.ldap.context.server
grails.plugins.springsecurity.ldap.authorities.groupSearchBase
grails.plugins.springsecurity.ldap.search.base
grails.plugins.springsecurity.userLookup.userDomainClassName
grails.plugins.springsecurity.userLookup.authorityJoinClassName
grails.plugins.springsecurity.authority.className
However, I don't know how to test that the authentication is being done with the LDAP server. I'm sure it's not being done with LDAP because when I go to the Login box when the application is running and I try to authenticate with my username and password that I normally use for the LDAP server it says that it can't find that user. If I try to authenticate with the user I created on BootStrap.groovy I'm able to login but I guess that user is being created locally only and it's transient.
- How can I set the authentication provider to be the LDAP server?
- What else do I have to do after installing the security core and ldap plugins after running the "s2 quickstart"?
That thing of Groovy and Grails makes so many things on the background that at the beggining is difficult to understand where to configure everything.
Thanks in advance for your help
EDIT: I've been looking for information on how to use those plugins but I haven't found anything that is well documented, I've found information regarding Acegi but that plugin is not supported anymore, that's why I'm asking here
EDIT: Reading this (I'll see if achieve to use LDAP): http://blog.springsource.com/2010/08/11/simplified-spring-security-with-grails/
1.How can I set the authentication provider to be the LDAP server?
I am fairly sure this is the Config.groovy entry that activates LDAP authentication.
grails.plugins.springsecurity.providerNames = ['ldapAuthProvider',
'anonymousAuthenticationProvider',
'rememberMeAuthenticationProvider']
2.What else do I have to do after installing the security core and ldap plugins after running the "s2 quickstart"?
I found this discussion very helpful: CustomUserDetailsService. The result was this method in an extension of UserDetailsContextMapper:
UserDetails mapUserFromContext(org.springframework.ldap.core.DirContextOperations ctx,
java.lang.String username,
java.util.Collection<GrantedAuthority> authority) {
User.withTransaction { status ->
def user = getUser(ctx) // Creates and saves a MyUser domain class instance
def userDetails = new MyUserDetails(
username,
authority ?: NO_ROLES,
user.id,
user.name,
user.mail)
userDetails.fullname = user.name
userDetails.email = user.mail
return userDetails
}
}
And I think this resources.groovy entry was necessary:
beans = {
ldapUserDetailsMapper(MyUserDetailsContextMapper) {
}
这篇关于如何在Grails上使用LDAP插件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
