[英]Spring security logon active directory not working
我已經編寫了一個使用Spring安全性的Spring bot Web應用程序。 我有2個鏈接,供兩個不同的人群使用。 因此,我分別為用戶和管理員創建了三個活動目錄組。 我的問題是其中一個小組的人可以訪問該應用程序,但其余兩個小組無法訪問該應用程序。
我的登錄配置是
@Configuration
@EnableWebMvcSecurity
@ComponentScan("com.books.controller")
public class LoginConfiguration extends WebSecurityConfigurerAdapter
{
@Override
protected void configure(HttpSecurity http) throws Exception
{
http
.authorizeRequests()
.antMatchers("/")
.hasAuthority("BookAdmin")
.and()
.authorizeRequests()
.antMatchers("/rentBook")
.hasAuthority("RentalBook")
.and()
.authorizeRequests()
.antMatchers("/buybook")
.hasAuthority("BuyBook")
.and()
.authorizeRequests()
.antMatchers("/rentBook")
.hasAuthority("BookAdmin")
.and()
.authorizeRequests()
.antMatchers("/buyBook")
.hasAuthority("BookAdmin")
and().authorizeRequests().and().formLogin().loginProcessingUrl("/login")
.and().logout().permitAll()
.and().csrf().disable()
;
http.headers().frameOptions().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception
{
auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider());
}
@Bean
public AuthenticationManager authenticationManager() {
return new ProviderManager(Arrays.asList(activeDirectoryLdapAuthenticationProvider()));
}
@Bean
public ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
ActiveDirectoryLdapAuthenticationProvider provider = new ActiveDirectoryLdapAuthenticationProvider("xxx.klc", "ldap://klcdc03");
provider.setConvertSubErrorCodesToExceptions(true);
provider.setUseAuthenticationRequestCredentials(true);
return provider;
}
}
請在下面找到我的Controller類 。 它可以在我的本地計算機上完美運行。 但是,當部署在服務器中時,它僅適用於BookAdmin組。 我沒有在任何屬性文件中列出這些組
package com.tgw.gift.info.controller;
@Controller
public class LoginController {
@RequestMapping("/")
public String home(Model model, Authentication principal)
{
Set<String> authorities=listAuthorties(principal);
if(authorities.contains("BookAdmin"))
{
return "index";
} else {
return "fail";
}
}
private Set<String> listAuthorties(Authentication principal)
{
Set<String> set = new HashSet<String>();
for(GrantedAuthority s: principal.getAuthorities()){
set.add(s.getAuthority());
}
return set;
}
@RequestMapping("/buyBook")
public String printDetails(Model model, Authentication principal){
Set<String> authorities=listAuthorties(principal);
if(authorities.contains("BuyBook"))
{
return "buyBook";
} else if(authorities.contains("BookAdmin")){
return "buyBook";
} else{
return "fail";
}
}
@RequestMapping("/rentBook")
public String printDetails(Model model, Authentication principal){
Set<String> authorities=listAuthorties(principal);
if(authorities.contains("RentalBook"))
{
return "rentBook";
} else if(authorities.contains("RentalAdmin")){
return "rentBook";
} else{
return "fail";
}
}
}
also this works fine when run locally, but not in server.
每個網址只需要一個authorizeRequests
和一個antmatcher
:
http
.authorizeRequests()
.antMatchers("/").hasAuthority("BookAdmin")
.antMatchers("/rentBook").hasAnyAuthority("RentalBook", "BookAdmin")
.antMatchers("/buybook").hasAnyAuthority("BuyBook", "BookAdmin")
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.