
Spring LDAP 3.1 Custom User Mapper

I'm developing an application with Spring Security and Spring LDAP. This is part of my spring-security.xml:

<authentication-manager alias="authenticationManager">
    <ldap-authentication-provider
            user-search-filter="sAMAccountName={0}"
            user-search-base="OU=UK,OU=Domain Objects,dc=test,dc=test1"
            group-search-filter="member={0}"
            group-search-base="OU=_Groups,OU=UK,OU=Domain Objects,dc=test,dc=test1"
            group-role-attribute="cn"
            role-prefix="ROLE_">
    </ldap-authentication-provider>
</authentication-manager>

<ldap-server url="ldap://host:389/"
                      manager-dn="managerUser"
                      manager-password="ManagerPassword" />

Now I need to do some logic on a user attribute. I was wondering if there is a way to get that attribute during the login phase or I need to do a search on LDAP every time I need that attribute.

Looking online now I'm a bit confused because I found online many ways to get custom attributes: extending the ContextMapper in the DAO or the AbstractContextMapper or extending LdapUserDetailsMapper.

Could you help me to find the correct solution? I think the best way would be to have an object where I can put the attribute I need during the login phase instead of querying the LDAP every time I need that attribute. Thanks

I'm not sure exactly what you're asking. What I can tell you is that once you're authenticated via LDAP, Spring Security caches the user details so you won't need to make a call to LDAP with every subsequent request.

This means that any subsequent methods called after the user is logged in can get the user details like so:

Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
UserDetails ldapUser = (UserDetails) authentication.getPrincipal();

Or if you prefer you can cast it to a custom class you've created as long as you implement UserDetails.

public class MyUser implements UserDetails {
.....
}

Does this help at all?
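
An added example, not part of the original question or answer: a mapper extending LdapUserDetailsMapper (named in the question) that reads one attribute from the user's entry during login and keeps it on the principal. The attribute name `department`, the class names and the bean id are assumptions; the mapper is wired by declaring it as a bean and referencing it with `user-context-mapper-ref="departmentUserMapper"` on `<ldap-authentication-provider>`.

```java
import java.util.Collection;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;

// Hypothetical mapper: called once after a successful LDAP authentication,
// it copies one directory attribute onto the principal held in the SecurityContext.
public class DepartmentUserMapper extends LdapUserDetailsMapper {

    // Assumed attribute name; replace with the attribute your logic needs.
    private static final String ATTRIBUTE = "department";

    @Override
    public UserDetails mapUserFromContext(DirContextOperations ctx, String username,
            Collection<? extends GrantedAuthority> authorities) {
        // Let the stock mapper build the DN, username and roles first.
        UserDetails base = super.mapUserFromContext(ctx, username, authorities);
        // getStringAttribute returns null when the entry lacks the attribute.
        String department = ctx.getStringAttribute(ATTRIBUTE);
        return new MyUser(base, department);
    }

    // Principal that delegates to the mapped user and adds the extra attribute.
    public static final class MyUser implements UserDetails {
        private final UserDetails delegate;
        private final String department;

        MyUser(UserDetails delegate, String department) {
            this.delegate = delegate;
            this.department = department;
        }

        // May be null; callers making access decisions should treat null as "no value".
        public String getDepartment() { return department; }

        @Override public Collection<? extends GrantedAuthority> getAuthorities() { return delegate.getAuthorities(); }
        @Override public String getPassword() { return delegate.getPassword(); }
        @Override public String getUsername() { return delegate.getUsername(); }
        @Override public boolean isAccountNonExpired() { return delegate.isAccountNonExpired(); }
        @Override public boolean isAccountNonLocked() { return delegate.isAccountNonLocked(); }
        @Override public boolean isCredentialsNonExpired() { return delegate.isCredentialsNonExpired(); }
        @Override public boolean isEnabled() { return delegate.isEnabled(); }
    }
}
```

After login, `(DepartmentUserMapper.MyUser) authentication.getPrincipal()` gives access to `getDepartment()` without another directory search. The value is a snapshot taken at login, so a change made in the directory is only picked up when the user authenticates again.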
