[英]Ldap access forbidden spring security
My SecurityConfig:我的安全配置:
@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true, jsr250Enabled = true)
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter
{
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception
{
// @formatter:off
httpSecurity
.antMatcher("/**").authorizeRequests()
.antMatchers("/boards/**").permitAll()
.anyRequest().authenticated()
.and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.and().exceptionHandling()
.accessDeniedPage("/accessDenied");
// @formatter:on
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception
{
auth.ldapAuthentication()
.userDnPatterns("uid={0},ou=people")
.userSearchBase("ou=people")
.userSearchFilter("uid={0}")
.groupSearchBase("ou=groups")
.groupSearchFilter("uniqueMember={0}")
.contextSource()
.url("ldap://localhost:8389/dc=concretepage,dc=com")
.and()
.passwordCompare()
.passwordEncoder(passwordEncoder())
.passwordAttribute("userPassword");
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
My ldap.ldif
我的
ldap.ldif
dn: dc=concretepage,dc=com
objectclass: top
objectclass: domain
objectclass: extensibleObject
dc: concretepage
dn: ou=groups,dc=concretepage,dc=com
objectclass: top
objectclass: organizationalUnit
ou: groups
dn: ou=people,dc=concretepage,dc=com
objectclass: top
objectclass: organizationalUnit
ou: people
dn: uid=krishna,ou=people,dc=concretepage,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Krishna Sharma
sn: Sharma
uid: krishna
userPassword: $2a$10$S8V5m0T40n9hhzLtRZpUYuSF38b88axEKIDyVrXtA8b8LN0CB6CRq
dn: uid=surya,ou=people,dc=concretepage,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Surya Singh
sn: Singh
uid: surya
userPassword: $2a$10$FXjepdY6oNJuUGGFEuyPFOJ/i7BjFcW1hfq8WClVjXbVq7suNu2A2
dn: cn=developers,ou=groups,dc=concretepage,dc=com
objectclass: top
objectclass: groupOfUniqueNames
cn: developers
ou: developer
uniqueMember: uid=krishna,ou=people,dc=concretepage,dc=com
uniqueMember: uid=surya,ou=people,dc=concretepage,dc=com
dn: cn=managers,ou=groups,dc=concretepage,dc=com
objectclass: top
objectclass: groupOfUniqueNames
cn: managers
ou: manager
uniqueMember: uid=krishna,ou=people,dc=concretepage,dc=com
I try to access the /labels/xxxx
with postdam by passing username and password but i get an accessDenied:我尝试通过传递用户名和密码来使用 postdam 访问
/labels/xxxx
,但我得到一个 accessDenied:
Second variant with BasicAuth
BasicAuth
的第二个变体
The /board/xyqas
is available /board/xyqas
可用
i miss the .and().httpBasic()
我想念
.and().httpBasic()
httpSecurity
.antMatcher("/**").authorizeRequests()
.antMatchers("/boards/**").permitAll()
.anyRequest().authenticated()
.and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.and().exceptionHandling()
.accessDeniedPage("/accessDenied")
.and().httpBasic();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.