使用Spring Security和JavaConfig进行身份验证时出现PartialResultException [英] PartialResultException when authenticating with Spring Security and JavaConfig
问题描述
我目前正在使用Spring Boot创建一个新的Web应用程序,并开始集成Spring Security进行身份验证。在成功遵循基于Spring Boot的 LDAP教程之后,我想指出我的JavaConfig基于我的Active Directory实例的配置。
I am currently creating a new web application using Spring Boot and began the process of integrating Spring Security for authentication. After successfully following the Spring Boot-based LDAP tutorial, I wanted to point my JavaConfig-based configuration to my Active Directory instance.
我的应用程序现在按预期处理错误的凭据,但现在有效凭据导致
My application now handles bad credentials as expected, but valid credentials now result in
javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name ''
这是一个常见问题 - 有一个数字 地点此问题的所在地遇到过。解决方案似乎是将Context.REFERRAL设置为follow,但我找不到任何说明如何使用JavaConfig设置该选项的文档。这是我唯一可以恢复到基于XML的配置吗?看起来Spring正在将开发人员推向JavaConfig,所以如果可能的话,我想避免混合使用这两种方法。
This is a common problem -- there are a number of places where this issue has been encountered. The solution appears to be setting Context.REFERRAL to "follow", but I can't find any documentation indicating how to set that option using JavaConfig. Is my only option here to revert to an XML-based configuration? It seems like Spring is pushing developers toward JavaConfig, so I'd like to avoid mixing the two approaches, if possible.
以下是我的安全配置:
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/css/**").permitAll().anyRequest()
.fullyAuthenticated().and().formLogin();
}
@Configuration
protected static class AuthenticationConfiguration extends
GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.userSearchBase("")
.userSearchFilter("(&(cn={0}))").contextSource()
.managerDn("<username>")
.managerPassword("<password>")
.url("ldap://<url>");
}
}
}
推荐答案
我觉得我需要使用 LdapContextSource 的实例才能实现这一点(因为它方便地有一个 setReferral 方法),但我对细节有点挣扎。 论坛帖子 spring.io给了我足够的时间,看起来我现在已经有了工作。
I had the feeling I'd need to use an instance of LdapContextSource to make this happen (since it conveniently has a setReferral method), but I struggled a bit with the details. A forum post on spring.io gave me enough to go on, and it looks like I now have things working.
我不清楚我是否有任何重大缺陷我在这里做,但它似乎有效,所以希望这将有助于未来的其他人:
It's not clear to me if there are any significant flaws with what I'm doing here, but it seems to work, so hopefully this will be helpful to someone else in the future:
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/css/**").permitAll().anyRequest()
.fullyAuthenticated().and().formLogin();
}
@Configuration
protected static class AuthenticationConfiguration extends
GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource("ldap://<url>");
contextSource.setUserDn("<username>");
contextSource.setPassword("<password>");
contextSource.setReferral("follow");
contextSource.afterPropertiesSet();
LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthenticationProviderConfigurer = auth.ldapAuthentication();
ldapAuthenticationProviderConfigurer
.userSearchFilter("(&(cn={0}))")
.userSearchBase("")
.contextSource(contextSource);
}
}
}
这篇关于使用Spring Security和JavaConfig进行身份验证时出现PartialResultException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
