我正在尝试将应用程序升级到后连接到LDAP:OpenJDK 17,SpringBoot 3.0.2,Gradle 8.0以前,我们有一个自制的解决方案来连接到活动目录,它将不再像写的那样工作。我的尝试遇到了这个500错误和一个401未经授权的错误的组合,大意是我没有传递要进行身份验证的凭据。我看过的大多数示例或指南都显示了嵌入式示例,我可以很好地工作,但当将它们移动到外部源时,我会遇到错误。我的配置中是否有什么东西突然显示为错误?
我的最终目标是一个轻量级的LDAP连接,对给定目录中的用户进行身份验证,代码已经被清理了-请告诉我如果其他信息会有帮助。
我很感激任何帮助,提前谢谢你。
{
"timestamp": "2023-03-22T18:56:54.934+00:00",
"status": 500,
"error": "Internal Server Error",
"trace": "java.lang.NoSuchMethodError: 'java.util.Map jakarta.servlet.SessionCookieConfig.getAttributes()'\r\n\tat org.apache.catalina.core.ApplicationSessionCookieConfig.createSessionCookie(ApplicationSessionCookieConfig.java:238)\r\n\tat org.apache.catalina.connector.Request.doGetSession(Request.java:3060)\r\n\tat org.apache.catalina.connector.Request.getSession(Request.java:2450)\r\n\tat org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:896)\r\n\tat org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:908)\r\n\tat jakarta.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)\r\n\tat jakarta.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)\r\n\tat org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository.saveToken(HttpSessionCsrfTokenRepository.java:58)\r\n\tat org.springframework.security.web.csrf.LazyCsrfTokenRepository$SaveOnAccessCsrfToken.saveTokenIfNecessary(LazyCsrfTokenRepository.java:235)\r\n\tat org.springframework.security.web.csrf.LazyCsrfTokenRepository$SaveOnAccessCsrfToken.getToken(LazyCsrfTokenRepository.java:192)\r\n\tat org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler.resolveCsrfTokenValue(XorCsrfTokenRequestAttributeHandler.java:73)\r\n\tat org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:120)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374)\r\n\tat org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)\r\n\tat org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374)\r\n\tat org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82)\r\n\tat org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69)\r\n\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374)\r\n\tat org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374)\r\n\tat org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374)\r\n\tat org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233)\r\n\tat org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191)\r\n\tat org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:351)\r\n\tat org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:185)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:158)\r\n\tat org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:185)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:158)\r\n\tat org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:185)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:158)\r\n\tat org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:185)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:158)\r\n\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:177)\r\n\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)\r\n\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)\r\n\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:119)\r\n\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)\r\n\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)\r\n\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)\r\n\tat org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:400)\r\n\tat org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\r\n\tat org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:859)\r\n\tat org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1734)\r\n\tat org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)\r\n\tat org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)\r\n\tat org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)\r\n\tat org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\r\n\tat java.base/java.lang.Thread.run(Thread.java:833)\r\n",
"message": "'java.util.Map jakarta.servlet.SessionCookieConfig.getAttributes()'",
"path": "/monitor/stop"
}当前配置类如下...
@Configuration
@EnableWebSecurity
public class SecurityConfiguration {
@Value("${}")
private String[] readAuthorization;
@Value("${}")
private String[] writeAuthorization;
@Value("${ldap.context.source.userDn}")
private String userDnPattern;
@Value("${ldap.context.source.url}")
private String ldapContextSourceUrl;
@Value("${ldap.context.source.base}")
private String ldapContextSourceBase;
@Value("${ldap.context.source.password}")
private String ldapContextSourcePassword;
@Value("${ldap.context.source.referral}")
private String ldapContextSourceReferral;
@Value("${ldap.context.source.pooled}")
private String ldapContextSourcePooled;
@Autowired
public LdapContextSource contextSource() {
LdapContextSource ldapContextSource = new LdapContextSource();
ldapContextSource.setUrl(ldapContextSourceUrl);
ldapContextSource.setBase(ldapContextSourceBase);
ldapContextSource.setUserDn(userDnPattern);
ldapContextSource.setPassword(ldapContextSourcePassword);
ldapContextSource.setReferral(ldapContextSourceReferral);
ldapContextSource.afterPropertiesSet();
return ldapContextSource;
}
@Bean
AuthenticationManager ldapAuthenticationManager(BaseLdapPathContextSource contextSource) {
LdapBindAuthenticationManagerFactory factory = new LdapBindAuthenticationManagerFactory(contextSource);
factory.setUserDnPatterns(userDnPattern);
factory.setUserDetailsContextMapper(new PersonContextMapper());
return factory.createAuthenticationManager();
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests()
.requestMatchers("/**")
.permitAll();
return http.build();
}
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web
.ignoring()
.requestMatchers("/readiness", "/liveness");
}
}依赖关系
// ==[ PLUGINS ]===============================================================
apply plugin: "org.owasp.dependencycheck"
apply plugin: 'java'
apply plugin: 'maven-publish'
if ( System.getenv().containsKey("JTEST_HOME") ) {
apply from: System.getenv('JTEST_HOME') + '/integration/gradle/jtest.gradle'
}
// ==[ DEPENDENCIES ]==========================================================
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-data-ldap'
implementation 'org.springframework.security:spring-security-ldap'
implementation 'org.springframework.boot:spring-boot-starter-data-jdbc'
implementation 'org.springframework.boot:spring-boot-starter-data-rest'
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'org.elasticsearch.client:elasticsearch-rest-client:7.17.4'
implementation 'org.elasticsearch:elasticsearch:7.17.4'
implementation 'org.elasticsearch.client:elasticsearch-rest-high-level-client:7.17.4'
implementation 'org.apache.commons:commons-lang3:3.8.1'
implementation 'com.google.code.gson:gson:2.10.1'
implementation 'com.google.guava:guava:30.0-android'
implementation 'jakarta.servlet:jakarta.servlet-api:5.0.0'
implementation 'com.microsoft.sqlserver:mssql-jdbc:10.2.0.jre17'
developmentOnly 'org.springframework.boot:spring-boot-devtools'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher:1.8.2'
testImplementation 'junit:junit:4.13.1'
testImplementation('org.springframework.boot:spring-boot-starter-test') {
exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
}
}
1条答案
按热度按时间34gzjxbg1#
我也在Sping Boot 3中挣扎了很多小时。现在我终于成功了。让我分享我的解决方案。
在application.properties
build.gradle
希望这能帮上忙。