[英]Spring Security returns 52e
I am trying to do LDAP authentication by Spring Security. 我正在尝试通过Spring Security进行LDAP身份验证。 But it returns an error:
但它返回一个错误:
error code 49 - 80090308: LdapErr: DSID-0C0903D9, comment: AcceptSecurityContext error, data 52e, v2580 ]
错误代码49 - 80090308:LdapErr:DSID-0C0903D9,注释:AcceptSecurityContext错误,数据52e,v2580]
My code: 我的代码:
auth.ldapAuthentication()
.contextSource().url("ldap://server:389/dc=main,dc=domain,dc=ru")
.managerDn("uid=user,ou=Domain Users,dc=mydomain,dc=ru").managerPassword("password")
.and()
.userSearchBase("ou=student")
.userSearchFilter("(cn={0})");
}
What can be the kind of mistake (excluding wrong credentials)? 可能是什么样的错误(不包括错误的凭证)?
It's work ... maybe anybody willbe helpfull auth.authenticationProvider(ldapAuthenticationProvider()); 它的工作......也许任何人都会有帮助的auth.authenticationProvider(ldapAuthenticationProvider()); auth.eraseCredentials(true);
auth.eraseCredentials(真);
@Bean
public DefaultSpringSecurityContextSource contextSource(){
DefaultSpringSecurityContextSource contextSource =
new DefaultSpringSecurityContextSource(Arrays.asList("ldap://url:389/"),"dc=ttu,dc=ru");
contextSource.setUserDn(userDn);
contextSource.setPassword(passwordForLDAP);
contextSource.setReferral("follow");
return contextSource;
}
@Bean
public LdapAuthenticationProvider ldapAuthenticationProvider(){
return new
LdapAuthenticationProvider(ldapAuthenticator(),ldapAuthoritiesPopulator());
}
@Bean
public LdapAuthenticator ldapAuthenticator(){
BindAuthenticator authenticator = new BindAuthenticator(contextSource());
authenticator.setUserSearch(userSearch());
return authenticator;
}
@Bean
public DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator(){
DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator =
new DefaultLdapAuthoritiesPopulator(contextSource(),"ou=TTU");
ldapAuthoritiesPopulator.setSearchSubtree(true);
ldapAuthoritiesPopulator.setIgnorePartialResultException(true);
//ldapAuthoritiesPopulator.setGroupSearchFilter("member={0}");
ldapAuthoritiesPopulator.setRolePrefix("ROLE_");
ldapAuthoritiesPopulator.setConvertToUpperCase(true);
return ldapAuthoritiesPopulator;
}
@Bean
public FilterBasedLdapUserSearch userSearch(){
FilterBasedLdapUserSearch filterBasedLdapUserSearch =
new FilterBasedLdapUserSearch("","(sAMAccountName={0})",contextSource());
filterBasedLdapUserSearch.setSearchSubtree(true);
return filterBasedLdapUserSearch;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.