[英]What is the difference between ldapAuthentication vs inMemoryAuthentication?
I am currently following Spring.io tutorials. 我目前正在关注Spring.io教程。 The links are Authenicating-ladp and securing-web
链接是Authenicating-lapp和secure -web
I can see that they are very similar besides the configuration. 我可以看到,除了配置外,它们非常相似。
LDAP LDAP
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userDnPatterns("uid={0},ou=people")
.groupSearchBase("ou=groups")
.contextSource(contextSource())
.passwordCompare()
.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userPassword");
}
@Bean
public DefaultSpringSecurityContextSource contextSource() {
return new DefaultSpringSecurityContextSource(Arrays.asList("ldap://localhost:8389/"), "dc=springframework,dc=org");
}
securing-web 固定的Web
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
What are the pro and cons of using each? 使用每种方法的利弊是什么? Which one is preferred for best practices?
最佳做法首选哪一个?
In-memory authentication is the simplest form, and requires that the credentials for all users be specified in the code itself. 内存中身份验证是最简单的形式,它要求在代码本身中指定所有用户的凭据。 This is impractical in all but the simplest cases.
除了最简单的情况,这在所有情况下都是不切实际的。
LDAP authentication involves authenticating against the LDAP access system, used in many organisations and enterprises around the world. LDAP身份验证涉及针对LDAP访问系统的身份验证,该系统在全球许多组织和企业中都使用。 It is considerably more flexible, and therefore more complicated.
它非常灵活,因此更加复杂。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.