在Unix环境下将应用程序部署在JBoss中时,如何实现Spring LDAP认证?
[英]How to implement Spring LDAP authentication when application deployed in JBoss on unix environment?
问题描述
I am trying to implement LDAP authentication using spring security and jboss server. 
我正在尝试使用Spring Security和jboss服务器实现LDAP身份验证。
Below is my environment setup: 以下是我的环境设置:
Active directory running on company Windows server
在公司Windows服务器上运行的Active Directory application to be deployed jboss server running on RHEL 6.4
在RHEL 6.4上运行的要部署的jboss服务器的应用程序 java version to be used: 1.6
使用的Java版本:1.6 JBoss version: jboss-eap6, jboss-as-7.1.1 Final
JBoss版本:jboss-eap6,jboss-as-7.1.1 Final
What i am trying to achieve is : 我想要达到的是:
- When the user open the application url from the windows machine in company network, he should get authenticated against the company LDAP server and be able to go the dashboard with being asked for password. 当用户从公司网络中的Windows计算机打开应用程序URL时,他应该针对公司LDAP服务器进行身份验证,并且能够通过询问密码进入仪表板。
- When the same url is opened from any machine outside company network, the the login page should be displayed and on providing credentials authentication should be done against the company LDAP and then the user specific dashboard page should be displayed. 当从公司网络外部的任何计算机打开相同的URL时,应显示登录页面,并且在提供凭据时应针对公司LDAP进行身份验证,然后应显示用户特定的仪表板页面。
I have already gone through the WAFFLE and SPNEGO documentation/tutorials available over internet, but WAFFLE dont work in OS other than Windows as it uses some Win32 api. 我已经浏览了Internet上的WAFFLE和SPNEGO文档/教程,但是WAFFLE在Windows之外的其他操作系统中不起作用,因为它使用了某些Win32 API。 Also What SPNEGO (PRE-AUTH) does is not exactly what i want to achieve. SPNEGO(PRE-AUTH)所做的也不完全是我想要实现的目标。
In short in want to implemnent what WAFFLE do but the problem is that my application would be deployed in unix machine. 简而言之,想实现WAFFLE的功能,但问题是我的应用程序将部署在UNIX机器上。
Please help me. 请帮我。
1 个解决方案
解决方案1
1 2013-11-10 10:34:14
What you can do, is start out configuring your application using an in-memory authentication provider. 您可以做的就是开始使用内存身份验证提供程序配置应用程序。 Internalisation using Spring Security In-Memory Authentication 使用Spring Security内存身份验证进行内部化
The only thing you then have to do is change out the in-memory authentication provider with an LDAP authentication provider. 然后,您唯一要做的就是将内存身份验证提供程序替换为LDAP身份验证提供程序。 The best information I found so far is in the spring reference itself. 到目前为止,我发现的最佳信息是在spring参考本身中。 http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ldap.html http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ldap.html
Add the Ldap active directory address
添加Ldap活动目录地址 < ldap-server url="ldap://springframework.org:389/dc=springframework,dc=org" />
<ldap-server url =“ ldap://springframework.org:389 / dc = springframework,dc = org” /> Hook up the ldap bind authentication provider
连接ldap绑定身份验证提供程序 < ldap-authentication-provider user-search-filter="(uid={0})" user-search-base="ou=people"/>
<ldap-authentication-provider user-search-filter =“(uid = {0})” user-search-base =“ ou = people” />
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.