stackoom
  简体   繁体   中英

How do I use “Remember Me” authentication with Spring Security and LDAP?

 原文  2010-03-02 06:43:30       java/ spring-security/ remember-me

Question

I want to use a Spring Security's "Remember me" with LDAP authentication. LDAP authentication configuration is described here , I've just made some tiny changes. Could you explain to me how can i add "Remember me" in that configuration? Or, may be, you can give me a sample which describes how to do it. Thank you.

2 answers

solution1
 4  2011-12-07 20:38:40

You really just need to give the remember-me attribute a data-source-ref or a token-repository-ref and a user-service-ref. I saw some other examples that used a voter based access-decision-manager-ref in the http element, but that seemed to void the use-expressions="true." The only thing I don't like about this is having to specify the ldap properties twice. 

<beans:import resource="datasource-context.xml"/>

<http use-expressions="true" >
    <intercept-url pattern="/auth/**" access="permitAll" />
    <intercept-url pattern="/admin/**" access="hasRole('MY_ROLE_ADMIN')" />
    <intercept-url pattern="/**" access="isAuthenticated()" />
    <form-login  />
    <logout  />
    <remember-me key="_my_remember_me_key" 
        token-validity-seconds="864000" 
        data-source-ref="dataSource"
        user-service-ref="ldapUserService" />
</http>

<ldap-server id="ldapServerContext" ldif="classpath:users.ldif" root="dc=springframework,dc=org" port="33389" />

<ldap-user-service 
    id="ldapUserService" 
    server-ref="ldapServerContext" 
    user-search-base="ou=people"
    user-search-filter="(uid={0})"
    group-search-base="ou=groups"
    group-role-attribute="cn"
    group-search-filter="(member={0})"
    role-prefix="MY_ROLE_" />

<authentication-manager>
    <ldap-authentication-provider
        server-ref="ldapServerContext"
        user-search-base="ou=people"
        user-search-filter="(uid={0})"
        group-search-base="ou=groups"
        group-role-attribute="cn"
        group-search-filter="(member={0})"
        role-prefix="MY_ROLE_" />
</authentication-manager>

solution2
 3  2010-03-15 13:45:48

This link should help:

http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html

Important note:

If you are using an authentication provider which doesn't use a UserDetailsService ( for example, the LDAP provider ) then it won't work unless you also have a UserDetailsService bean in your application context.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to correctly configure the remember me option of Spring Security in a project that use LDAP for authentication? Spring Security LDAP and Remember Me spring security remember me authentication Spring security Remember me and Custom Authentication provider Manual authentication with spring security and remember me provider Spring 3, Spring Security, LDAP, How do I add roles to LDAP? Spring security - remember-me authentication with multiple authentication providers Spring Security Authentication with ldap fail when I use a custom login Spring security -remember me Spring Security Remember Me
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM