![](/img/trans.png)
[英]Spring boot mvc ldap authentication with Active Directory
[英]How to translate grails 2 LDAP Active Directory values to work with Spring Boot
我在使用Spring Boot連接到LDAP Active Directory時遇到問題。 我一直在使用在Grails 2應用程序中找到的值,但一定缺少一些東西。
Grails 2值示例
grails.plugin.springsecurity.ldap.authorities.retrieveDatabaseRoles = true
grails.plugin.springsecurity.ldap.context.managerDn = 'manager@domain.local'
grails.plugin.springsecurity.ldap.context.managerPassword = 'password'
grails.plugin.springsecurity.ldap.context.server = 'ldap://domain.local:389'
grails.plugin.springsecurity.ldap.authorities.ignorePartialResultException = true
grails.plugin.springsecurity.ldap.search.base = 'ou=users,dc=domain,dc=local'
grails.plugin.springsecurity.ldap.search.filter = "sAMAccountName={0}"
grails.plugin.springsecurity.ldap.search.searchSubtree = true
grails.plugin.springsecurity.ldap.auth.hideUserNotFoundExceptions = false
grails.plugin.springsecurity.ldap.search.attributesToReturn = ['mail', 'displayName']
grails.plugin.springsecurity.providerNames = ['customAuthenticationProvider','ldapAuthProvider']
這是我在Spring Boot中嘗試的眾多變體之一。 我很肯定它沒有正確搜索管理員/密碼。
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().fullyAuthenticated()
.and()
.formLogin();
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.contextSource().url("ldap://domain.local:389")
.managerDn("uid=manager@domain.local,ou=users")
.managerPassword("password")
.and()
.userSearchBase("ou=users,dc=domain,dc=local")
.userDnPatterns("sAMAccountName={0}");
}
}
build.gradle ldap依賴項
compile("org.springframework.ldap:spring-ldap-core")
compile("org.springframework.security:spring-security-ldap")
compile("com.unboundid:unboundid-ldapsdk")
通過如下設置使其正常工作:
auth.ldapAuthentication()
.contextSource().url("ldap://domain.local:389/ou=users,dc=domain,dc=local")
.managerDn("manager@domain.local").managerPassword("password")
.and()
.userSearchFilter("sAMAccountName={0}");
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.