使用spring security ldap重新实现ldap身份验证

3b6akqbq  于 2021-09-29  发布在  Java
关注(0)|答案(0)|浏览(357)

我有一个功能,允许我通过ldap服务器对用户进行身份验证。
这是我的密码:

LoginData data = encode(authorization);
    boolean flag = false;
    // Setup the environment to login as 'Directory Manager'
    String rootDN = "x";
    String rootPWD = "y";

    Hashtable<String, String> environment = new Hashtable<String, String>();
    environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    environment.put(Context.PROVIDER_URL, "LDAP://url:389/DC=x,DC=x");
    environment.put(Context.SECURITY_AUTHENTICATION, "simple");
    environment.put(Context.SECURITY_PRINCIPAL, rootDN);
    environment.put(Context.SECURITY_CREDENTIALS, rootPWD);
    DirContext dirContext = null;
    NamingEnumeration<SearchResult> results = null;

    try {
        dirContext = new InitialDirContext(environment);
        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        String filter = "(&(objectclass=user)(objectCategory=person)(SAMAccountName="
                + data.getUsername().toLowerCase() + "))";
        results = dirContext.search("", filter, controls);
        if (results.hasMore()) {
            System.out.println("User found");
            SearchResult result = results.next();
            String distinguishedName = result.getNameInNamespace();
            // auth user
            Hashtable<String, String> environment2 = new Hashtable<String, String>();
            environment2.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            environment2.put(Context.PROVIDER_URL, "LDAP://url:389/DC=x,DC=x");
            environment2.put(Context.SECURITY_AUTHENTICATION, "simple");
            environment2.put(Context.SECURITY_PRINCIPAL, distinguishedName);
            environment2.put(Context.SECURITY_CREDENTIALS, data.getPassword());
            DirContext dirContext2 = new InitialDirContext(environment2);
            System.out.println("User authenticated");
            flag = true;

        } else {
            System.out.println("User not found");
        }

    } catch (Exception e) {
        // e.printStackTrace();
        System.out.println("User not found");
    } finally {
        if (results != null) {
            try {
                results.close();
            } catch (Exception e) {
            }
        }

        if (dirContext != null) {
            try {
                dirContext.close();
            } catch (Exception e) {
            }
        }
    }
    return flag == true ? data : null;
}

这段代码运行得很好,现在我必须实现相同的逻辑,但使用Spring Security 允许用户通过网页进行身份验证。
以下是我的尝试,但不起作用:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.ldapAuthentication()
    .contextSource()
    .url("ldap://url:389/DC=x,DC=x")
    .managerDn("x").managerPassword("y")
    .and()
    .userSearchFilter("(&(objectclass=user)(objectCategory=person)(SAMAccountName={0}))");
}

当用户进行身份验证时,上面的代码显示此错误:

2021-07-22 16:48:39.788  INFO 20888 --- [nio-8080-exec-7] o.s.s.ldap.SpringSecurityLdapTemplate    : Ignoring PartialResultException

有人知道我的代码中有什么错误吗?

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题