问题描述
我有一个功能可以让我通过 LDAP 服务器对用户进行身份验证。
这是我的代码:
LoginData data = encode(authorization);
boolean flag = false;
// Setup the environment to login as 'Directory Manager'
String rootDN = "x";
String rootPWD = "y";
Hashtable<String,String> environment = new Hashtable<String,String>();
environment.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
environment.put(Context.PROVIDER_URL,"LDAP://url:389/DC=x,DC=x");
environment.put(Context.Security_AUTHENTICATION,"simple");
environment.put(Context.Security_PRINCIPAL,rootDN);
environment.put(Context.Security_CREDENTIALS,rootPWD);
DirContext dirContext = null;
NamingEnumeration<SearchResult> results = null;
try {
dirContext = new InitialDirContext(environment);
SearchControls controls = new SearchControls();
controls.setSearchScope(SearchControls.SUBTREE_ScopE);
String filter = "(&(objectclass=user)(objectCategory=person)(SAMAccountName="
+ data.getUsername().toLowerCase() + "))";
results = dirContext.search("",filter,controls);
if (results.hasMore()) {
System.out.println("User found");
SearchResult result = results.next();
String distinguishedname = result.getNameInNamespace();
// auth user
Hashtable<String,String> environment2 = new Hashtable<String,String>();
environment2.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
environment2.put(Context.PROVIDER_URL,DC=x");
environment2.put(Context.Security_AUTHENTICATION,"simple");
environment2.put(Context.Security_PRINCIPAL,distinguishedname);
environment2.put(Context.Security_CREDENTIALS,data.getpassword());
DirContext dirContext2 = new InitialDirContext(environment2);
System.out.println("User authenticated");
flag = true;
} else {
System.out.println("User not found");
}
} catch (Exception e) {
// e.printstacktrace();
System.out.println("User not found");
} finally {
if (results != null) {
try {
results.close();
} catch (Exception e) {
}
}
if (dirContext != null) {
try {
dirContext.close();
} catch (Exception e) {
}
}
}
return flag == true ? data : null;
}
此代码运行良好,现在我必须实现相同的逻辑,但使用 Spring Security 以允许用户通过网页进行身份验证。
这是我的尝试,但它不起作用:
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.contextSource()
.url("ldap://url:389/DC=x,DC=x")
.managerDn("x").managerPassword("y")
.and()
.userSearchFilter("(&(objectclass=user)(objectCategory=person)(SAMAccountName={0}))");
}
2021-07-22 16:48:39.788 INFO 20888 --- [nio-8080-exec-7] o.s.s.ldap.SpringSecurityLdapTemplate : Ignoring PartialResultException
有人知道我的代码有什么问题吗?
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)