堆栈内存溢出
  简体   繁体   English

如何使用spring Security通过基于邮件和uid的LDAP对用户进行身份验证?

[英]How to authenticate a user from LDAP based on mail and by uid with spring Security?

 原文  2016-08-01 06:24:59       java/ spring/ security/ spring-boot/ ldap

问题描述

I want a user to be able to login both by his uid and by mail ? 我希望用户能够同时通过其uid和邮件登录? How to achieve this using my spring Security configuration ? 如何使用我的spring Security配置实现此目的? 

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
                .formLogin().passwordParameter("password");
    }

    @Configuration
    protected static class AuthenticationConfiguration extends GlobalAuthenticationConfigurerAdapter {

        @Autowired
        LdapContextSource contextSource;

        @Override
        public void init(AuthenticationManagerBuilder auth) throws Exception {
            auth
                    .ldapAuthentication()
                    .userDnPatterns("uid={0}")
                    .contextSource(contextSource);
        }
    }
}

At userDnPatterns can I specify another attribute along with uid? 我可以在userDnPatterns中指定另一个属性以及uid吗? Or authentication with uid is standard ? 还是用uid认证是标准的?

1 个解决方案

解决方案1
 3 已采纳  2016-08-01 20:31:28

You need to use a custom user search filter. 您需要使用自定义用户搜索过滤器。 The following code uses an OR filter that tries to match the uid or mail to the value entered by the user in the login screen: 以下代码使用OR过滤器,该过滤器试图将uid或mail与用户在登录屏幕中输入的值进行匹配: 

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
                .formLogin().passwordParameter("password");
    }

    @Configuration
    protected static class AuthenticationConfiguration extends GlobalAuthenticationConfigurerAdapter {

        @Autowired
        LdapContextSource contextSource;

        @Override
        public void init(AuthenticationManagerBuilder auth) throws Exception {
            auth
                    .ldapAuthentication()
                    .userDnPatterns("uid={0}")
                    .userSearchFilter("(|(uid={0})(mail={0}))")
                    .contextSource(contextSource);
        }
    }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Spring安全性配置来认证ldap用户 - Spring security configuration to authenticate ldap user 如何使用Spring Security针对db或ldap对用户进行动态身份验证? - How can I dynamically authenticate a user against the db or ldap with spring security? 如何从Spring Security中的LDAP获取其他用户属性? - How to get additional user attributes from LDAP in Spring Security? 如何在 Spring 安全后端正确验证来自 Angular 应用程序的用户 - How to correctly authenticate User from an Angular app at an Spring Security Backend Spring Security无法验证用户 - Spring security not authenticate the user 如何使用Spring Security验证用户身份? - how to authenticate user using spring security? 如何使用Spring Ldap在Active Directory中对用户进行身份验证和搜索 - How authenticate and search user in Active Directory using Spring Ldap 通过spring security基于远程身份验证响应对用户进行身份验证 - Authenticate user with spring Security based on remote authentication response LDAP + Spring:如何正确认证? - LDAP + Spring: how to correctly authenticate? 如何使用Spring Security,Spring LDAP和Hibernate处理用户信息? - How to handle user information with Spring Security, Spring LDAP, and Hibernate?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM