How can I dynamically authenticate a user against the db or ldap with spring security?

I configured the authentication to work with both the db and ldap like this:

auth.ldapAuthentication()
        .groupSearchBase(groupSearchBase)
        .groupSearchFilter(groupFilter)
        .userSearchFilter(userFilter).userSearchBase(userSearchBase)
        .contextSource(contextSource())
        .and()
        .jdbcAuthentication().dataSource(dataSource).usersByUsernameQuery(
        "SELECT lower(username), password, active from USER_BTABLE where lower(username)=lower(?) and LDAPAUTH=0"
).authoritiesByUsernameQuery("select lower(username), 'ROLE_USER' from USER_ATABLE where lower(username)=lower(?)");

The trouble is that if the user also exists in the configured ldap with another password, then starting with the 6th authentication request, the following exception appears:

 org.springframework.ldap.InvalidAttributeValueException: [LDAP: error code 19 - Exceed password retry limit. Please try later.];

I check in the login filter if the user has the db auth flag set. Can I configure the AuthenticationManagerBuilder on the fly there also?

I eventually did a 307 redirect from a db auth server instance to an ldap auth server instance inside a doFilter method:

httpResponse.setStatus(TEMPORARY_REDIRECT);
httpResponse.setHeader("Location", req.getScheme() + "://" + redirectLocation);
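
An alternative to the redirect, as an added example that is not part of the original post: a single AuthenticationProvider that reads the LDAPAUTH flag and delegates to exactly one backend, so a DB-only user's password is never sent to LDAP as a bind attempt and cannot count toward the directory's retry limit. The class name is hypothetical, and it assumes every account (LDAP ones included) has a row in USER_BTABLE with LDAPAUTH set to 0 for DB users.

```java
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

import java.util.List;

/** Hypothetical provider: routes each login to one backend, chosen by the LDAPAUTH column. */
public class FlagRoutingAuthenticationProvider implements AuthenticationProvider {

    private final JdbcTemplate jdbc;
    private final AuthenticationProvider dbProvider;   // e.g. a DaoAuthenticationProvider
    private final AuthenticationProvider ldapProvider; // e.g. an LdapAuthenticationProvider

    public FlagRoutingAuthenticationProvider(JdbcTemplate jdbc,
                                             AuthenticationProvider dbProvider,
                                             AuthenticationProvider ldapProvider) {
        this.jdbc = jdbc;
        this.dbProvider = dbProvider;
        this.ldapProvider = ldapProvider;
    }

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String username = authentication.getName();
        // Table and column names come from the query in the question.
        // Assumption: LDAP users also have a row here, with LDAPAUTH != 0.
        List<Integer> flags = jdbc.queryForList(
                "SELECT LDAPAUTH FROM USER_BTABLE WHERE lower(username) = lower(?)",
                Integer.class, username);
        if (flags.size() != 1 || flags.get(0) == null) {
            // Unknown or ambiguous account: fail here with a generic error,
            // without contacting either backend.
            throw new BadCredentialsException("Bad credentials");
        }
        // Only the selected backend sees the password; the other is never tried.
        AuthenticationProvider target = flags.get(0) == 0 ? dbProvider : ldapProvider;
        return target.authenticate(authentication);
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }
}
```

Register it with auth.authenticationProvider(...) in place of the chained ldapAuthentication() and jdbcAuthentication() calls, so the routing provider is the only entry in the chain.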
