[英]getPassword() returns null in spring security 3.1 with ldap although I set erase-credentials=“false”
我需要获取登录用户的用户名和密码,才能使用这些凭据重新连接到另一个产品。
这是我的SecurityContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http auto-config="false" use-expressions="true"
access-denied-page="/app/accessDenied">
<security:intercept-url pattern="/login"
access="permitAll" />
<security:intercept-url pattern="/pages/home.xhtml"
access="isAuthenticated() and hasAnyRole('ROLE_ARCH_ADMIN','ROLE_ARCH_Data_ENTRY','ROLE_ARCH_VIEWER','ROLE_ARCH_SUPER_VIEWER','ROLE_ARCH_MANAGER')" />
<security:intercept-url pattern="/pages/realtyDoc/realtyDoc.xhtml"
access="isAuthenticated() and hasAnyRole('ROLE_ARCH_ADMIN','ROLE_ARCH_DATA_ENTRY','ROLE_ARCH_VIEWER','ROLE_ARCH_SUPER_VIEWER','ROLE_ARCH_MANAGER')" />
<security:form-login login-page="/login1.xhtml"
login-processing-url="/processLogin" authentication-failure-url="/login1.xhtml?faces-redirect=true"
authentication-success-handler-ref="successHandler" />
<security:logout invalidate-session="true" logout-url="/j_spring_security_logout"
logout-success-url="/login1.xhtml" />
</security:http>
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="ldap://PDA-FNTEST:389/" />
<property name="userDn" value="user@PD.LOCAL" />
<property name="password" value="password" />
</bean>
<bean id="userSearch"
class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg index="0" value="DC=PD,DC=LOCAL" />
<constructor-arg index="1" value="(sAMAccountName={0})" />
<constructor-arg index="2" ref="contextSource" />
</bean>
<bean id="bindAuthenticator"
class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userSearch" ref="userSearch" />
</bean>
<bean id="ldapAuthoritiesPopulator"
class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
<constructor-arg ref="contextSource" />
<constructor-arg value="OU=ARCH_USERS_OU,DC=PD,DC=LOCAL" />
</bean>
<bean id="ldapAuthProvider"
class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg index="0" ref="bindAuthenticator" />
<constructor-arg index="1" ref="ldapAuthoritiesPopulator" />
</bean>
<security:authentication-manager erase-credentials="false" >
<security:authentication-provider
ref="ldapAuthProvider" />
</security:authentication-manager>
<bean id="successHandler" class="com.eblacorp.archive.security.LoginSuccessHandler">
<property name="userAccessService" ref="userAccessService" />
</bean>
<bean id="loginFailuerHandler" class="com.eblacorp.archive.security.LoginFailuerHandler" />
</beans>
当我使用此代码打印用户名和密码时,密码显示为空。
UserDetails user = (UserDetails) SecurityContextHolder.getContext()
.getAuthentication().getPrincipal();
System.out.println("username: " + user.getUsername());
System.out.println("password: " + user.getPassword());
我在身份验证管理器中将delete-credentials =“ false”设置为:
<security:authentication-manager erase-credentials="false" >
<security:authentication-provider
ref="ldapAuthProvider" />
</security:authentication-manager>
要获取密码值,请使用getCredentials()。
证明主体正确的凭据。 这通常是密码,但可以是与AuthenticationManager相关的任何内容。 呼叫者应填充凭据。
返回:证明委托人身份的凭证
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.