ldap & JWT authentication without spring security

Question

I'm trying to create a security module that will check against LDAP for user credentials (on login) and on successful login generate a JWT for further requests to the server.

currently my module works like this: i have 3 rest API endpoints to provide authentication (login, validate JWT, logout) that are not protected as anyone must be able to access those endpoints, and also 1 userUpdate endpoint protected with spring security via a JWTAuthenticationProvider

all the stuff pertaining the JWT is ready, now I just need to create a method to check in LDAP if the user and password are correct. but i am having some trouble understanding how am i supposed to do so

i already have the master user and pass to conect to ldap, but most of the examples i find about ldap authentication are with spring security and i dont think thats the way to do it in this case as i need to verify the matching us/pass only on login (and not protect my endpoints with security).

can anyone tell me how im supposed to do that verification? any stuff i am not being clear on? please ask and comment and answer.

thanks

---

oh one edit:

@Override
public AuthenticationResponse login(AuthenticationRequest authenticationRequest) {
    checkNotNull(authenticationRequest, "The authenticationRequest is a required argument!");

    AuthenticationResponse authenticationResponse = AuthenticationResponse.builder().build();

    //currently a pseudo authentication, here is where i should authenticate against LDAP
    Optional<Usuario> optionalUsuario = service.findByNombreUsuario(authenticationRequest);

    if (optionalUsuario.isPresent()) {
        Usuario usuario = optionalUsuario.get();

        String token = JwtTokenUtil.generateToken(authenticationRequest);
        authenticationResponse.setAuthenticationToken(token);

        repository.saveToken(UserToken.builder()
                .nombreUsuario(usuario.getNombreUsuario())
                .roles(usuario.getRoles())
                .build(), token);

as you can see i intent to make the authentication against ldap only at login, and only to check if the user and pass are correct, i will manage the roles and authorities using other DB

---

another edit: i have some basic ldap structure for ldap auth using spring security, but i always get bad credentials

---

edit again: i managed to make it work with spring security, but (as expected) was told by my team that we need to implement that authentication without spring security to integrate with our custom role loader and token creation

Answer 1

使用http://docs.spring.io/spring-security/site/docs/current/apidocs/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.html进行身份验证并从LDAP中获取角色，应该使用spring来完成安全性，我可能错过了一些东西，但是您能解释一下为什么您不愿意使用它吗？