Spring LDAP and Spring Boot configuration


Problem description

I have an educational problem:

There is a virtual machine with Windows Server 2003 (AD) with users and their passwords. A connection to the machine is established (IP: 192.168.56.101:389).

The purpose of the web application is to enable the user to change his password in AD.

Problem: I can't configure the connection to Windows Server 2003.

I started from this tutorial: https://spring.io/guides/gs/authenticating-ldap/

When I try to log in as "Jack Wood" with password "1234", I get an error.

org.springframework.security.authentication.InternalAuthenticationServiceException: 
Uncategorized exception occured during LDAP processing; 
nested exception is javax.naming.NamingException: 
[LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]; remaining name 'cn=Jack Wood,cn=Users'

Please check application.properties.

#spring.ldap.embedded.ldif=classpath:test-server.ldif
#spring.ldap.embedded.base-dn=dc=springframework,dc=org
#spring.ldap.embedded.port=8389
spring.ldap.base=dc=GRSU,dc=local
spring.ldap.urls=192.168.56.101:389
spring.ldap.username=cn=Jack Wood,cn=Users,dc=GRSU,dc=local
spring.ldap.password=1234

WebSecurityConfig

package hello;

import java.util.Arrays;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.encoding.LdapShaPasswordEncoder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
            .formLogin();
    }

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .ldapAuthentication()
                .userDnPatterns("cn={0},cn=Users")
                .groupSearchBase("ou=groups")
                .contextSource(contextSource())
                .passwordCompare()
                    .passwordEncoder(new LdapShaPasswordEncoder())
                    .passwordAttribute("userPassword");
    }

    @Bean
    public DefaultSpringSecurityContextSource contextSource() {
        return new DefaultSpringSecurityContextSource("ldap://192.168.56.101:389/");
    }

}

HomeController

package hello;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HomeController {

    @GetMapping("/")
    public String index() {
        return "Welcome to the home page!";
    }
}

Application

package hello;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }

}

Solution

Try changing

spring.ldap.username=cn=Jack Wood,cn=Users,dc=GRSU,dc=local

to

spring.ldap.username=cn=Jack Wood,cn=Users

Does that help?

My understanding is that the username uses the relative domain name (rdn) as opposed to the absolute domain name (dn).
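
Added example, not part of the original question or answer: the `contextSource()` bean in the question is built from the URL alone, with no bind DN or password, and the reported error says a bind must be completed first. The variant below gives the context source a service-account bind and authenticates users with an LDAP bind instead of `passwordCompare()`. The `ldaps://` URL on port 636, the `sAMAccountName` filter and the `LDAP_BIND_DN` / `LDAP_BIND_PASSWORD` variable names are assumptions.

```java
package hello;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // Assumption: service-account credentials are supplied through the environment
    // (variable names invented for this example) instead of a properties file.
    @Value("${LDAP_BIND_DN}")
    private String bindDn;

    @Value("${LDAP_BIND_PASSWORD}")
    private String bindPassword;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().fullyAuthenticated().and().formLogin();
    }

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .ldapAuthentication()
                // Without passwordCompare() the configurer authenticates by binding
                // as the located user, so no password attribute is read or compared.
                .userSearchBase("cn=Users")
                .userSearchFilter("(sAMAccountName={0})") // assumption: login by account name
                .contextSource(contextSource());
    }

    @Bean
    public DefaultSpringSecurityContextSource contextSource() {
        // Assumption: LDAPS is enabled on the directory server. On plain ldap://
        // port 389 a simple bind sends the DN and password unencrypted.
        DefaultSpringSecurityContextSource source =
            new DefaultSpringSecurityContextSource("ldaps://192.168.56.101:636/dc=GRSU,dc=local");
        // Bind as the service account before searching for the user entry.
        source.setUserDn(bindDn);
        source.setPassword(bindPassword);
        return source;
    }
}
```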
