[英]UserSearchFilter&managerDn issue when authenticating to LDAP
I'm trying to connect the LDAP using the following code:我正在尝试使用以下代码连接 LDAP:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>2.5.4</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-ldap</artifactId>
<version>2.5.4</version>
</dependency>
auth.ldapAuthentication()
.groupSearchBase("ou=groups")
.contextSource()
.managerDn("CN=someValidLogin,OU=UsersGeneric,OU=IT,OU=Penzberg,OU=AdminUnits,DC=emea,DC=rr,DC=com")
.managerPassword("someValidPassword")
.url("ldap://abc.def.ghi.com:3268/DC=emea,DC=rr,DC=com")
.and()
.userSearchFilter("(&(sAMAccountName={0})(objectClass=user)(objectCategory=person)(memberOf=CN=TEST_DEVELOPER,OU=Applications,OU=Groups,DC=emea,DC=rr,DC=com))")
.passwordCompare()
.passwordAttribute("userpassword");
Unfortunately, after typing my correct credentials in the swagger I'm getting the response:不幸的是,在 swagger 中输入我正确的凭据后,我得到了响应:
[LDAP: error code 16 - 00000057: LdapErr: DSID-0C091146, comment: Error in attribute conversion operation, data 0, v3839]; nested exception is javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C091146, comment: Error in attribute conversion operation, data 0, v3839]; remaining name ‘CN=loginThatIPassedViaSwagger,OU=Users,OU=IT,OU=Warsaw,OU=AdminUnits’
Likely, I mixed something with managerDn and userSearchFilter, but I cannot figure out what?可能,我将一些东西与 managerDn 和 userSearchFilter 混合在一起,但我不知道是什么?
After many attempts, I have figured out that the following works:经过多次尝试,我发现以下工作:
auth.ldapAuthentication()
.groupSearchBase("")
.contextSource()
.managerDn("CN=someValidLogin,OU=UsersGeneric,OU=IT,OU=Penzberg,OU=AdminUnits,DC=emea,DC=rr,DC=com")
.managerPassword("someValidPassword")
.url("ldap://abc.def.ghi.com:3268")
.and()
.userSearchBase("")
.userSearchFilter(
"(&(sAMAccountName={0})(objectClass=user)(objectCategory=person)(|(memberOf:1.2.333.12345.1.4.1941:=CN=TEST_DEVELOPER,OU=Applications,OU=Groups,DC=emea,DC=rr,DC=com)))");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.