java - 使用 Vaadin + Spring Security + Ldap 自定义登录表单

Question

我想为我的 Vaadin 应用程序创建自定义登录页面。

MyUi.class

@Theme("valo")
@SpringUI
@Widgetset("pl.warta.AppWidgetSet")
public class MyUI extends UI {

@Autowired
private SpringViewProvider ViewProvider;

@Override
protected void init(VaadinRequest request) {
    final Navigator navigator = new Navigator(this, this);
    navigator.addProvider(ViewProvider);
    setNavigator(navigator);

}
}

WebSecurityConfig.class

@Configuration
@EnableWebMvcSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.authorizeRequests().anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll();
    }

    @Configuration
    protected static class AuthenticationConfiguration extends GlobalAuthenticationConfigurerAdapter {

        @Override
        public void init(AuthenticationManagerBuilder auth) throws Exception {
            auth.ldapAuthentication().userDnPatterns("uid={0},ou=people").groupSearchBase("ou=groups").contextSource().ldif("classpath:test-server.ldif");
        }
    }
}

SecuredView.class

@SpringView(name = SecuredView.NAME)
@UIScope
public class SecuredView extends VerticalLayout implements View {

    private static final long serialVersionUID = 6937605817612926676L;

    public static final String NAME = "";

    @PostConstruct
    private void postConstruct() {

        setSizeFull();
        setSpacing(true);
        setMargin(true);

        addComponent(new Label("<h3>Secured View</h3>", ContentMode.HTML));
    }
    @Override
    public void enter(ViewChangeEvent event) {

    }
}

您能否向我展示 LoginView.class 的示例实现以匹配我的 Spring Security 配置？当我使用 NAME = "login" 创建 View 时，我得到:

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Thu Sep 10 09:47:14 CEST 2015
There was an unexpected error (type=Not Found, status=404).
No message available

但是，即使页面出现，我也不知道如何在按钮单击时注入(inject)安全验证。

我没有提到的 - 使用默认表单登录工作正常。

Answer 1

我设法创建了一个可行的解决方案。

对于每个面临这个问题的人，我建议引用这个例子:security-sample-managed

您需要做的唯一一项更改(除了丢弃模型和逻辑之外)是修改 Application.java:

@Configuration
static class AuthenticationConfiguration implements AuthenticationManagerConfigurer {

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        //we need to put here ldap authentication, e.g.:
        auth.ldapAuthentication().userDnPatterns("CN={0},OU=Users").contextSource().url("ldap://my.ldap.server:port").managerDn("adminDn").managerPassword("adminPassword");

    }
}

其他一切都已为 Vaadin 配置。享受吧。