使用 Spring Security 和 JavaConfig 进行身份验证时出现 PartialResultException [英] PartialResultException when authenticating with Spring Security and JavaConfig
问题描述
我目前正在使用 Spring Boot 创建一个新的 Web 应用程序,并开始集成 Spring Security 以进行身份验证.成功遵循基于 Spring Boot 的 LDAP 教程 后,我想指出我的 JavaConfig-基于我的 Active Directory 实例的配置.
I am currently creating a new web application using Spring Boot and began the process of integrating Spring Security for authentication. After successfully following the Spring Boot-based LDAP tutorial, I wanted to point my JavaConfig-based configuration to my Active Directory instance.
我的应用程序现在按预期处理错误凭据,但有效凭据现在导致
My application now handles bad credentials as expected, but valid credentials now result in
javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name ''
这是一个常见问题——有一个数字
This is a common problem -- there are a number of places where this issue has been encountered. The solution appears to be setting Context.REFERRAL to "follow", but I can't find any documentation indicating how to set that option using JavaConfig. Is my only option here to revert to an XML-based configuration? It seems like Spring is pushing developers toward JavaConfig, so I'd like to avoid mixing the two approaches, if possible.
以下是我的安全配置:
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/css/**").permitAll().anyRequest()
.fullyAuthenticated().and().formLogin();
}
@Configuration
protected static class AuthenticationConfiguration extends
GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.userSearchBase("")
.userSearchFilter("(&(cn={0}))").contextSource()
.managerDn("<username>")
.managerPassword("<password>")
.url("ldap://<url>");
}
}
}
推荐答案
我觉得我需要使用 LdapContextSource
的实例来实现这一点(因为它方便地有一个 setReferral
方法),但我在细节上有点挣扎.论坛帖子spring.io 给了我足够的时间,看起来我现在可以正常工作了.
I had the feeling I'd need to use an instance of LdapContextSource
to make this happen (since it conveniently has a setReferral
method), but I struggled a bit with the details. A forum post on spring.io gave me enough to go on, and it looks like I now have things working.
我不清楚我在这里所做的是否有任何重大缺陷,但它似乎有效,所以希望这会在未来对其他人有所帮助:
It's not clear to me if there are any significant flaws with what I'm doing here, but it seems to work, so hopefully this will be helpful to someone else in the future:
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/css/**").permitAll().anyRequest()
.fullyAuthenticated().and().formLogin();
}
@Configuration
protected static class AuthenticationConfiguration extends
GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource("ldap://<url>");
contextSource.setUserDn("<username>");
contextSource.setPassword("<password>");
contextSource.setReferral("follow");
contextSource.afterPropertiesSet();
LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthenticationProviderConfigurer = auth.ldapAuthentication();
ldapAuthenticationProviderConfigurer
.userSearchFilter("(&(cn={0}))")
.userSearchBase("")
.contextSource(contextSource);
}
}
}
这篇关于使用 Spring Security 和 JavaConfig 进行身份验证时出现 PartialResultException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!