[英]How can I get the user information using Spring Security with LDAP
Im using Spring 3.1.1 with Spring Security 3.2.0 with LDAP authencitation. 我将Spring 3.1.1与带有LDAP身份验证的Spring Security 3.2.0一起使用。 I have gotten it to a point that works fine and I can log in using my LDAP username and password, I can even display the username with this
我已经知道它可以正常工作了,我可以使用我的LDAP用户名和密码登录,甚至可以用此显示用户名
<security:authentication property="principal.username" />, is currently logged in.
I want to know how, if at all possible, can I get the first name, surname, email address or other information like that stored in my LDAP credentials. 我想知道如何才能获取我的LDAP凭据中存储的名字,姓氏,电子邮件地址或其他信息。
I've tried property="credentials"
but this returns null... 我尝试过
property="credentials"
但这返回null ...
PLEASE HELP!! 请帮忙!!
Implement your own UserDetailsContextMapper and load LDAP user properties into the UserDetails object 实现您自己的UserDetailsContextMapper并将LDAP用户属性加载到UserDetails对象中
http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#ldap-custom-user-details http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#ldap-custom-user-details
This is eerily similar to my question a few days ago: 这与几天前我的问题极为相似:
How do I use a custom authorities populator with Spring Security and the ActiveDirectoryLdapAuthenticationProvider? 如何在Spring Security和ActiveDirectoryLdapAuthenticationProvider中使用自定义权限填充器?
If you're not using Active Directory, you can simply extend the LdapAuthenticationProvider
class and override the loadUserAuthorities
method, in which you can capture the relevant user information based on the LDAP attributes for the user: 如果您不使用Active Directory,则可以简单地扩展
LdapAuthenticationProvider
类并覆盖loadUserAuthorities
方法,在该方法中,您可以根据用户的LDAP属性捕获相关的用户信息:
String firstName = userData.getStringAttribute("givenName");
String lastName = userData.getStringAttribute("sn");
//etc.
You can store these wherever or however you like, and you're only limited to the attributes available via LDAP. 您可以将它们存储在任何位置或任意位置,并且仅限于通过LDAP可用的属性。 Then, you'd have to specify your LdapAuthoritiesProvider in the appropriate bean (ldapAuthoritiesPopulator, if memory serves).
然后,您必须在适当的bean(ldapAuthoritiesPopulator,如果有内存)中指定LdapAuthoritiesProvider。
I believe the above will work for non-AD LDAP, but you'll obviously need to test it to be sure. 我相信以上内容适用于非AD LDAP,但是显然您需要对其进行测试以确保。 I recommend the LDAP browser for Eclipse provided by Apache Studios , if you're not already using it.
如果您尚未使用LDAP,我建议使用Apache Studios提供的Eclipse LDAP浏览器 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.