使用Spring Boot应用程序中的AD LDP进行LDAP身份验证 [英] LDAP authentication with AD LDP from Spring Boot application

问题描述

我正在尝试在Sprint Boot应用程序中实现LDAP身份验证.在测试环境中，我已经安装了用于身份验证的Active Directory LDP服务.我已经在AD实例中创建了一个用户，启用了该帐户并设置了密码.然后，我尝试通过Spring登录表单使用此帐户进行身份验证.

I am trying to implement LDAP authentication in a Sprint Boot application. In the test environment I have installed an Active Directory LDP service with which to authenticate. I have created a user within the AD instance, enabled the account and set a password. I am then trying to authenticate using this account from the Spring login form.

当我尝试使用AD登录时，收到错误消息:

When I try to log in using AD I get an error message:

您的登录尝试失败，请重试.

Your login attempt was not successful, try again.

原因:凭据不正确

由于我是AD和Spring的新手，所以我很可能配置错误(或者两者都不正确！).

As I am new to both AD and Spring it is quite possible I have mis-configured either (or both!).

您对我如何进一步诊断此问题有任何建议，或者我可能错过了明显的事情吗?

我的Spring Boot代码(我对此代码尝试了许多不同的变体，这是一个示例):

My Spring Boot code (I have tried a number of different variations on this code, this is one example):

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
            .formLogin();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider());
    }

    @Bean
    public AuthenticationManager authenticationManager() {
        return new ProviderManager(Arrays.asList(activeDirectoryLdapAuthenticationProvider()));
    }

    @Bean
    public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
        ActiveDirectoryLdapAuthenticationProvider provider = 
                new ActiveDirectoryLdapAuthenticationProvider("foo.bar", "ldap://servername:389");
        provider.setConvertSubErrorCodesToExceptions(true);
        provider.setUseAuthenticationRequestCredentials(true);
        return provider;
    }
}

推荐答案

事实证明，我的Java实现没有错.问题似乎与AD LDP配置有关.我尝试连接到另一个已知的AD LDP良好实例，并且身份验证第一次起作用.

It turns out that there was nothing wrong with my Java implementation. The issue appears to be with the AD LDP configuration. I tried connecting to another, known good instance of AD LDP and authentication worked first time.

我将把它标记为答案，因为我不再对此问题的解决方案感兴趣，希望将其结束...

I am going to mark this as the answer as I am no longer interested in a solution to this question and wish to close it down...

这篇关于使用Spring Boot应用程序中的AD LDP进行LDAP身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！