[英]How to encode password with HMAC-SHA512 in Spring Boot Security
[英]Spring boot and LDAP with SHA512 password
我正在編寫一個小應用程序,以將其用作微服務的身份驗證服務器。 (我們正在划分一個舊的整體應用程序)。
此應用必須通過LDAP服務器(受用戶名和密碼保護)登錄。 並且用戶密碼曾經存儲為SHA512哈希。 但我總是收到“錯誤的憑據”錯誤
這是我的代碼
WebSecurityConfig.java
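/**
 * Spring Security configuration that protects every request with form login and
 * authenticates users against LDAP with bind authentication.
 *
 * <p>With bind authentication the directory server verifies the submitted password itself,
 * so the application never reads or compares the stored hash and the hash scheme used in
 * the directory does not need a matching client-side encoder.
 */
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /** Requires full authentication for every request and enables the default form login. */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().fullyAuthenticated().and().formLogin();
    }

    /**
     * Registers the bind-based LDAP provider as the only authentication mechanism.
     *
     * @param auth builder for this adapter's local AuthenticationManager
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(ldapAuthProvider());
        // Deliberately NOT calling super.configure(auth): the default implementation in
        // WebSecurityConfigurerAdapter marks the local builder as disabled, so everything
        // registered above would be ignored and logins would be checked against the global
        // (default) AuthenticationManager instead, which matches the "Bad credentials" symptom.
        //
        // The former second registration,
        //   auth.ldapAuthentication().passwordCompare().passwordEncoder(new LdapShaPasswordEncoder())...
        // was dropped: LdapShaPasswordEncoder covers the SHA-1 based {SHA}/{SSHA} schemes, not
        // SHA-512, so a compare against SHA-512 values cannot succeed, and it configured no
        // context source of its own. Bind authentication makes it unnecessary.
    }

    /**
     * Builds an LDAP provider that finds the user with a search filter and then binds as that user.
     *
     * @return provider backed by a {@code BindAuthenticator}
     */
    public LdapAuthenticationProvider ldapAuthProvider() {
        // NOTE(review): ldap:// on port 389 is unencrypted unless StartTLS is negotiated, so the
        // manager password and every user password sent in a bind would cross the network in
        // clear text. Prefer ldaps:// or StartTLS where the directory supports it.
        DefaultSpringSecurityContextSource ldapContext =
                new DefaultSpringSecurityContextSource("ldap://myldaphost:389/");
        // NOTE(review): manager credentials are hard-coded here; load them from externalized
        // configuration or a secret store so they stay out of source control.
        ldapContext.setUserDn("cn=myuser");
        ldapContext.setPassword("mypassword");
        // The context source is created by hand rather than as a Spring bean, so the container
        // never runs its initialization callback; it has to be invoked explicitly before use.
        ldapContext.afterPropertiesSet();

        // Only entries with estado=activo match, so accounts in any other state cannot log in.
        // {0} is replaced with the submitted username; presumably Spring filter-encodes it before
        // the search. Confirm for the version in use.
        FilterBasedLdapUserSearch activeUserSearch =
                new FilterBasedLdapUserSearch("", "(&(cn={0})(estado=activo))", ldapContext);

        BindAuthenticator authenticator = new BindAuthenticator(ldapContext);
        authenticator.setUserSearch(activeUserSearch);
        return new LdapAuthenticationProvider(authenticator);
    }
}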
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<!-- Maven build for the LDAP-backed authentication service shown on this page. -->
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework</groupId>
<artifactId>gs-authenticating-ldap</artifactId>
<version>0.1.0</version>
<!-- The Boot parent manages the versions of every dependency below that declares none. -->
<!-- NOTE(review): the Spring Boot 1.5.x line is end-of-life and no longer receives security
     fixes; the managed Spring Security and Spring LDAP versions are equally old. Plan an
     upgrade to a supported release before exposing this service. -->
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.7.RELEASE</version>
</parent>
<properties>
<java.version>1.8</java.version>
</properties>
<!-- tag::security[] -->
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- LDAP client support (context sources, templates). -->
<dependency>
<groupId>org.springframework.ldap</groupId>
<artifactId>spring-ldap-core</artifactId>
</dependency>
<!-- Spring Security's LDAP authentication provider, authenticators and user search. -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
</dependency>
<!-- Test-scoped only: not packaged into the runtime artifact. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<!-- end::security[] -->
<build>
<plugins>
<!-- Repackages the build output as an executable Spring Boot jar. -->
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
HomeController.java
/** Minimal REST controller that serves a fixed greeting at the application root. */
@RestController
public class HomeController {

    /** Body returned for requests to "/". */
    private static final String WELCOME_MESSAGE = "Welcome to the home page!";

    /**
     * Handles requests mapped to the root path.
     *
     * @return the fixed welcome text
     */
    @RequestMapping("/")
    public String index() {
        return WELCOME_MESSAGE;
    }
}
當前可運行的OLD APP中的applicationContext-security.xml
<!-- Security wiring of the existing application: LDAP bind authentication behind the
     "security-enabled" profile. -->
<!-- NOTE(review): the listing looks abridged. The outer beans element is never closed and the
     declaration of the "security" namespace prefix is not shown. -->
<beans>
<!-- SECURITY ENABLED -->
<beans profile="security-enabled">
<!-- Data Data Base & LDAP-->
<!-- Provider that delegates the credential check to the nested BindAuthenticator. -->
<bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg>
<!-- Bind authentication: the user entry is located with userSearch and the provider then
     binds to the directory as that user, so the directory server verifies the password and
     the application never reads the stored hash. -->
<bean id="bindAuthenticator" class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userSearch" ref="userSearch" />
</bean>
</constructor-arg>
</bean>
<!-- Search from the context root (empty base) for an entry whose cn equals the submitted
     username and whose estado attribute is "activo"; entries in any other state do not match. -->
<!-- NOTE(review): a bare ampersand is not valid inside an XML attribute value; in the real file
     the filter must be written with &amp; in its place. The escaping was probably lost when this
     page was rendered. -->
<bean id="userSearch"
class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg index="0" value="" />
<constructor-arg index="1" value="(&(cn={0})(estado=activo))" />
<constructor-arg index="2" ref="contextSource" />
</bean>
<!-- Connection to the directory, using the manager account for the user search. -->
<!-- NOTE(review): the manager password is stored in plain text in this file; move it to
     externalized configuration or a secret store, and restrict the account to the search
     rights it needs. -->
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="myurl" />
<property name="userDn" value="myuser" />
<property name="password" value="mypassword" />
</bean>
<!-- Exposes the LDAP provider as the application's authentication manager. -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>
</beans>
我自己解決了這個問題
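/**
 * Spring Security configuration that protects every request with form login and authenticates
 * users against LDAP through the {@code ldapAuthentication()} builder.
 *
 * <p>No password-compare step and no password encoder are configured, so the builder is expected
 * to fall back to bind authentication, where the directory server verifies the password and the
 * stored hash scheme is irrelevant to the application.
 */
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /** Requires full authentication for every request and enables the default form login. */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().fullyAuthenticated().and().formLogin();
    }

    /**
     * Configures LDAP authentication with a user search filter and a manager account.
     *
     * @param auth builder for this adapter's local AuthenticationManager
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        // The two conditions must be wrapped in an explicit AND. Two filters placed side by side,
        // "(cn={0})(estado=activo)", do not form a valid LDAP filter: depending on the server it
        // is rejected or only the first part is evaluated, and in the latter case the
        // estado=activo restriction is silently lost and non-active accounts could log in.
        // (The question's own listing uses the wrapped form; the "&" may have been lost when this
        // listing was rendered.)
        auth.ldapAuthentication()
                .userSearchFilter("(&(cn={0})(estado=activo))")
                .contextSource()
                // NOTE(review): ldap:// on port 389 is unencrypted unless StartTLS is negotiated;
                // prefer ldaps:// or StartTLS so bind passwords are not sent in clear text.
                .url("ldap://myurl:389/")
                // NOTE(review): hard-coded manager credentials; load them from externalized
                // configuration or a secret store instead of committing them with the source.
                .managerDn("cn=myadmin")
                .managerPassword("mypass");
    }
}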