如何在Spring LDAP中添加LDAP缓存? [英] How to add LDAP cache in Spring LDAP?

问题描述

我想在本地缓存LDAP用户数据以允许更快的查询. Spring LDAP是否提供了这样的功能?我该怎么办?

I want to cache LDAP user data locally to allow faster queries. Do the Spring LDAP offers such a functionality? How can I do this?

我正在使用Spring Security 3.1和Spring LDAP 1.3.1进行身份验证和授权.

I am using Spring Security 3.1 and Spring LDAP 1.3.1 for authentication and authorization. It would be nice to have a cache for LDAP using built-in mechanism if exists..

applicationContext-ldap.xml:

applicationContext-ldap.xml:

<?xml  version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:jee="http://www.springframework.org/schema/jee"
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/jee
        http://www.springframework.org/schema/jee/spring-jee.xsd
    ">

    <!-- Ldap -->
    <jee:jndi-lookup id="ldapUrl" jndi-name="appName/ldapUrl" expected-type="java.lang.String" />
    <jee:jndi-lookup id="ldapUser" jndi-name="appName/ldapUser" expected-type="java.lang.String" />
    <jee:jndi-lookup id="ldapPassword" jndi-name="appName/ldapPassword" expected-type="java.lang.String" />

    <!-- for authentication and search purpose -->
    <bean id="ldapContextSource" class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="url" ref="ldapUrl" />
        <property name="userDn" ref="ldapUser" />
        <property name="password" ref="ldapPassword" />
        <property name="pooled" value="true" />
    </bean>

    <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
        <property name="contextSource" ref="ldapContextSource" />
    </bean>

    <!-- for pagination search purpose  -->
    <bean id="dirContext" factory-bean="ldapContextSource" factory-method="getReadOnlyContext" scope="session"/>

    <bean id="singleLdapContextSource" class="org.springframework.ldap.core.support.SingleContextSource" scope="session">
        <constructor-arg ref="dirContext"/>
    </bean>

    <bean id="singleLdapTemplate" class="org.springframework.ldap.core.LdapTemplate" scope="session">
        <property name="contextSource" ref="singleLdapContextSource" />
    </bean>

</beans>

Spring Security配置:

spring-security.xml:

Spring Security configuration:

spring-security.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:security="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <!-- This is where we configure Spring-Security  -->
    <security:http
        auto-config="true"
        use-expressions="true"
        access-denied-page="/auth/denied"
    >
        <security:intercept-url pattern="/login" access="permitAll"/>
        <security:intercept-url pattern="/app/admin" access="permitAll"/>
        <security:intercept-url pattern="/app/common" access="hasRole('User')"/>
        <security:intercept-url pattern="/viol/home" access="permitAll"/>
        <security:intercept-url pattern="/app/users" access="permitAll"/>
        <security:intercept-url pattern="/admin/edit/*" access="hasRole('Administrator')"/>

        <security:form-login
                login-page="/auth/login" 
                authentication-failure-url="/auth/loginFailure" 
                default-target-url="/auth/authorize"/>

        <security:logout 
                invalidate-session="true" 
                logout-success-url="/auth/login"
                logout-url="/logout"/>
    </security:http>

    <security:authentication-manager>
        <security:ldap-authentication-provider
            server-ref="ldapContextSource"
            user-search-filter="(sAMAccountName={0})"
            user-search-base="dc=myDomain,dc=com"
         />
    </security:authentication-manager>
</beans>

非常感谢您的帮助！

推荐答案

如果您配置

If you configure EhCacheBasedUserCache and use ldap-user-service then you can use cache as:

    <authentication-manager>
   <authentication-provider>
    <ldap-user-service 
       user-search-filter="(sAMAccountName={0})" user-search-base="dc=myDomain,dc=com" cache-ref="userCache" />
   </authentication-provider>
</authentication-manager>

这篇关于如何在Spring LDAP中添加LDAP缓存?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！