How to handle exceptions from Spring Boot's LdapAuthenticationProviderConfigurer
Question
I have the following web security in a Spring Boot application:
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.contextSource(contextSource)
.userSearchBase("OU=users,DC=example,DC=com")
.userSearchFilter("userName={0}")
.ldapAuthoritiesPopulator(authoritiesPopulator)
.and()
// fall back to the admin group if not found
.ldapAuthentication()
.contextSource(contextSource)
.userSearchBase("OU=admins,DC=example,DC=com")
.userSearchFilter("userName={0}")
.ldapAuthoritiesPopulator(authoritiesPopulator)
;
}
The idea is pretty straightforward: try searching in the users group and if the user is not found, then try the admin group. All of this works great until something goes wrong with the first lookup. If the users group suddenly goes away, for example, the first lookup will generate an exception and the second lookup is never attempted. Is there a way to configure LdapAuthenticationProviderConfigurer or perhaps AuthenticationManagerBuilder to not abort the whole process when one of the authentication provider exceptions out?
1 answers
solution1
0 2022-02-04 12:47:02
following this answer - maybe this (untested code)
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.contextSource(contextSource)
.userSearchBase("DC=example,DC=com")
//.userSearchFilter("&((userName={0}))")
.userDnPatterns("userName={0},OU=users", "userName={0},OU=admins")
.ldapAuthoritiesPopulator(authoritiesPopulator))
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.