gpt4 book ai didi

java - Spring LDAP 和 Spring Boot 配置

转载 作者:行者123 更新时间:2023-12-05 07:42:55 29 4
gpt4 key购买 nike

我有教育问题:

有带有用户及其密码的 Windows Server 2003 (AD) 虚拟机。已建立与机器的连接 (ip:192.168.56.101:389)。

Web 应用程序的目的是使用户能够更改其在 AD 中的密码。

问题:无法配置与 windws server 2003 的连接。

我是从本教程开始的 https://spring.io/guides/gs/authenticating-ldap/

当我尝试以“Jack Wood”身份登录并传递“1234”时,出现错误。

org.springframework.security.authentication.InternalAuthenticationServiceException: 
Uncategorized exception occured during LDAP processing;
nested exception is javax.naming.NamingException:
[LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]; remaining name 'cn=Jack Wood,cn=Users'

Error

请检查application.properties

#spring.ldap.embedded.ldif=classpath:test-server.ldif
#spring.ldap.embedded.base-dn=dc=springframework,dc=org
#spring.ldap.embedded.port=8389
spring.ldap.base=dc=GRSU,dc=local
spring.ldap.urls=192.168.56.101:389
spring.ldap.username=cn=Jack Wood,cn=Users,dc=GRSU,dc=local
spring.ldap.password=1234

网络安全配置

package hello;

import java.util.Arrays;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.encoding.LdapShaPasswordEncoder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().fullyAuthenticated()
.and()
.formLogin();
}

@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userDnPatterns("cn={0},cn=Users")
.groupSearchBase("ou=groups")
.contextSource(contextSource())
.passwordCompare()
.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userPassword");
}

@Bean
public DefaultSpringSecurityContextSource contextSource() {
return new DefaultSpringSecurityContextSource("ldap://192.168.56.101:389/");
}

}

家庭 Controller

package hello;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HomeController {

@GetMapping("/")
public String index() {
return "Welcome to the home page!";
}
}

申请

package hello;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class Application {

public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}

}

AD structure

最佳答案

尝试改变

spring.ldap.username=cn=Jack Wood,cn=Users,dc=GRSU,dc=local

spring.ldap.username=cn=Jack Wood,cn=Users

这有帮助吗?

我的理解是用户名使用相对域名 (rdn) 而不是绝对域名 (dn)。

关于java - Spring LDAP 和 Spring Boot 配置,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44084343/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com