Java CreateSucessfulAuthentication与Ldap身份验证中的nullpointer异常
我是spring安全认证新手。我正在使用AbstractUserDetailsAuthenticationProvider进行身份验证 但我正在变得异常Java CreateSucessfulAuthentication与Ldap身份验证中的nullpointer异常,java,spring,spring-security,spring-security-ldap,spring-security-rest,Java,Spring,Spring Security,Spring Security Ldap,Spring Security Rest,我是spring安全认证新手。我正在使用AbstractUserDetailsAuthenticationProvider进行身份验证 但我正在变得异常 java.lang.NullPointerException: null at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.createSucccessfulAuthentication(AbstractLdapA
java.lang.NullPointerException: null
at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.createSucccessfulAuthentication(AbstractLdapAuthenticationProvider.java:117)
at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:92)
at com.example.securitydemo.security.CustomUserDetailsAuthenticationProvider.authenticate(CustomUserDetailsAuthenticationProvider.java:36)
下面是我的CustomUserDetailsAuthenticationProvider.java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;
import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;
import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;
public class CustomUserDetailsAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
private ActiveDirectoryLdapAuthenticationProvider adAuthprovider;
private UserDetailsContextMapper userDetailsContextMapper;
@Autowired
private AppGrantedAuthoritiesMapper mapper;
public CustomUserDetailsAuthenticationProvider() {
}
public CustomUserDetailsAuthenticationProvider(ActiveDirectoryLdapAuthenticationProvider adAuthprovider) {
this.adAuthprovider = adAuthprovider;
if (this.adAuthprovider == null) {
userDetailsContextMapper = new AppUserDetailsMapper();
this.adAuthprovider.setUserDetailsContextMapper(userDetailsContextMapper);
}
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
adAuthprovider.setAuthoritiesMapper(mapper);
Authentication auth = adAuthprovider.authenticate(authentication);
return auth;
}
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails,
UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
}
@Override
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication)
throws AuthenticationException {
LdapUserDetailsImpl ud = (LdapUserDetailsImpl) authentication.getPrincipal();
return ud;
}
}
下面是我的ReferenceAuthenticationSuccessHandler.java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
public class ReferAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
handle(request, response, authentication);
}
protected void handle(final HttpServletRequest request, final HttpServletResponse response,
final Authentication authentication) throws IOException {
final String targetUrl = "home.html";
redirectStrategy.sendRedirect(request, response, targetUrl);
}
}
下面是我的SecurityConfig.java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
@Configuration
@EnableWebSecurity
@ComponentScan("com.example.securitydemo.security")
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(getAmsAuthProvider());
}
@Bean
public AuthenticationSuccessHandler myAuthenticationSuccessHandler() {
return new ReferAuthenticationSuccessHandler();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().disable().authorizeRequests().anyRequest().authenticated().and().formLogin()
.successHandler(myAuthenticationSuccessHandler());
}
private CustomUserDetailsAuthenticationProvider getAmsAuthProvider() {
ActiveDirectoryLdapAuthenticationProvider adLdap = new ActiveDirectoryLdapAuthenticationProvider("pac.***.com",
"ldap://**.pac.com:389");
adLdap.setSearchFilter("(&(objectClass=user)(sAMAccountName={1}");
adLdap.setUseAuthenticationRequestCredentials(true);
adLdap.setConvertSubErrorCodesToExceptions(true);
CustomUserDetailsAuthenticationProvider authenticationProvider = new CustomUserDetailsAuthenticationProvider(
adLdap);
return authenticationProvider;
}
}
不确定我缺少了什么,请帮助我解决此问题确保用户拥有权限。 以下是AbstractLdapAuthenticationProvider的源代码 看一下Stacktrace上的第117行。我建议调试特定行中的变量,并检查哪个变量为空