Springboot with LDAP Auth No results found for search, base: ''
I'm trying to connect my SpringBoot app to the LDAP server (not embedded). The problem while I'm trying to connect is:
    try auth
    2022-02-26 20:31:12.593 INFO 19692 --- [nio-8080-exec-2] o.s.ldap.core.LdapTemplate : No results found for search, base: ''; filter: '(uid=myemail@company.com)'.
    auth FAIL
I don't understand why the base '' is empty, because I specified it in the properties. I don't know if it is the only problem; let me know if you can. Thanks!
    ldap:
      urls: ldap://dig.intra.company.fr:389
      base: OU=UTILISATEURS,DC=dig,DC=intra,DC=company,DC=fr
      username: CN=S_BELUGA,CN=Users,DC=dig,DC=intra,DC=company,DC=fr
      password: Password2022
      anonymous-read-only: false
Endpoint
    @Autowired
    private AuthenticationManager authenticationManager;

    @Operation(summary = "Authentification LDAP")
    @PostMapping(value = "/ldapAuth", consumes = APPLICATION_JSON_VALUE, produces = APPLICATION_JSON_VALUE)
    @ResponseStatus(HttpStatus.OK)
    public void ldap(@Valid @RequestBody UserAuthentificationDTO userAuth) {
        authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(userAuth.getEmail(),
                userAuth.getPassword()));
    }
WebSecurityConfig
    @Configuration
    @EnableWebSecurity
    @EnableGlobalMethodSecurity(prePostEnabled = true)
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

        private JwtTokenProvider jwtTokenProvider;
        private OpenLdapAuthenticationProvider openLdapAuthenticationProvider;

        public WebSecurityConfig(OpenLdapAuthenticationProvider openLdapAuthenticationProvider,
                JwtTokenProvider jwtTokenProvider) {
            this.openLdapAuthenticationProvider = openLdapAuthenticationProvider;
            this.jwtTokenProvider = jwtTokenProvider;
        }

        // Register the custom LDAP provider with the AuthenticationManager.
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.authenticationProvider(openLdapAuthenticationProvider);
        }
    }
OpenLdapAuthenticationProvider
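    import java.util.ArrayList;
    import java.util.List;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.ldap.core.LdapTemplate;
    import org.springframework.ldap.filter.EqualsFilter;
    import org.springframework.ldap.filter.Filter;
    import org.springframework.ldap.support.LdapUtils;
    import org.springframework.security.authentication.AuthenticationProvider;
    import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.core.GrantedAuthority;
    import org.springframework.security.core.authority.SimpleGrantedAuthority;
    import org.springframework.security.core.userdetails.User;
    import org.springframework.security.core.userdetails.UserDetails;
    import org.springframework.stereotype.Component;

    @Component
    public class OpenLdapAuthenticationProvider implements AuthenticationProvider {

        @Autowired
        private LdapTemplate ldapTemplate;

        @Override
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            System.out.println("try auth");
            // Search filter built from the submitted username (here an e-mail address).
            Filter filter = new EqualsFilter("uid", authentication.getName());
            // The empty name is relative to the ContextSource base, hence base: '' in the log.
            Boolean authenticate = ldapTemplate.authenticate(LdapUtils.emptyLdapName(), filter.encode(),
                    authentication.getCredentials().toString());
            if (authenticate) {
                System.out.println("utilisateur authentifié avec ldap");
                List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
                grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_USER"));
                UserDetails userDetails = new User(authentication.getName(), authentication.getCredentials().toString(),
                        grantedAuthorities);
                Authentication auth = new UsernamePasswordAuthenticationToken(userDetails,
                        authentication.getCredentials().toString(), grantedAuthorities);
                return auth;
            } else {
                System.out.println("auth FAIL");
                return null;
            }
        }

        @Override
        public boolean supports(Class<?> authentication) {
            return authentication.equals(UsernamePasswordAuthenticationToken.class);
        }
    }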
The problem was with "uid". It should be replaced by the "mail" attribute.
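
A hardened variant of the provider with the answer's fix applied, as an added example that is not part of the original question or answer: it filters on "mail", refuses empty passwords before binding, and throws BadCredentialsException instead of returning null. The class name MailLdapAuthenticationProvider is hypothetical; the LdapTemplate bean and the ROLE_USER authority are taken from the question's code.

```java
import java.util.List;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.ldap.support.LdapUtils;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;

// Added example; the class name is hypothetical, not from the original post.
@Component
public class MailLdapAuthenticationProvider implements AuthenticationProvider {
    private final LdapTemplate ldapTemplate;

    public MailLdapAuthenticationProvider(LdapTemplate ldapTemplate) {
        this.ldapTemplate = ldapTemplate;
    }

    @Override
    public Authentication authenticate(Authentication authentication) {
        String email = authentication.getName();
        Object credentials = authentication.getCredentials();
        String password = credentials == null ? "" : credentials.toString();
        // A simple bind with an empty password is an "unauthenticated bind"
        // (RFC 4513) that some servers accept, so refuse it before querying LDAP.
        if (email == null || email.isEmpty() || password.isEmpty()) {
            throw new BadCredentialsException("Bad credentials");
        }
        // EqualsFilter escapes filter metacharacters in the value, so the
        // submitted e-mail cannot change the shape of the search filter.
        String filter = new EqualsFilter("mail", email).encode();
        // The empty name is resolved relative to the ContextSource base.
        boolean ok = ldapTemplate.authenticate(LdapUtils.emptyLdapName(), filter, password);
        if (!ok) {
            // Throwing (rather than returning null) reports a definite failure.
            throw new BadCredentialsException("Bad credentials");
        }
        // The password is not retained in the authenticated token.
        return new UsernamePasswordAuthenticationToken(email, null,
                List.of(new SimpleGrantedAuthority("ROLE_USER")));
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }
}
```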