Java 使用LDAP的Spring安全性-登录后出错
我已经设法使我的Spring项目与安全性和LDAP一起工作,但只与LDIF文件一起工作。现在,我正试图通过配置LDAP服务器使其正常工作,但我只做到了这一点——通过使用正确的凭据登录,我的网站没有出现任何错误,但我只能做到这一点 我一直在谷歌上搜索这些错误,但我找不到任何类似的/有用的帮助。也许曾经使用SpringLDAP的人知道如何正确地配置项目以使用LDAP服务器 以下是控制台抛出的内容:Java 使用LDAP的Spring安全性-登录后出错,java,spring-boot,spring-security,ldap,spring-security-ldap,Java,Spring Boot,Spring Security,Ldap,Spring Security Ldap,我已经设法使我的Spring项目与安全性和LDAP一起工作,但只与LDIF文件一起工作。现在,我正试图通过配置LDAP服务器使其正常工作,但我只做到了这一点——通过使用正确的凭据登录,我的网站没有出现任何错误,但我只能做到这一点 我一直在谷歌上搜索这些错误,但我找不到任何类似的/有用的帮助。也许曾经使用SpringLDAP的人知道如何正确地配置项目以使用LDAP服务器 以下是控制台抛出的内容: 2020-10-31 18:32:25.298 DEBUG 21100 --- [nio-8080-e
2020-10-31 18:32:25.298 DEBUG 21100 --- [nio-8080-exec-4] w.a.UsernamePasswordAuthenticationFilter : Request is to process authentication
2020-10-31 18:32:25.298 DEBUG 21100 --- [nio-8080-exec-4] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider
2020-10-31 18:32:25.298 DEBUG 21100 --- [nio-8080-exec-4] o.s.s.l.a.LdapAuthenticationProvider : Processing authentication request for user: MY_USERNAME
2020-10-31 18:32:25.302 DEBUG 21100 --- [nio-8080-exec-4] o.s.s.l.a.BindAuthenticator : Attempting to bind as cn=MY_USERNAME,ou=MY_GROUP,dc=FOO,dc=FOO2
2020-10-31 18:32:25.302 DEBUG 21100 --- [nio-8080-exec-4] s.s.l.DefaultSpringSecurityContextSource : Removing pooling flag for user cn=MY_USERNAME,ou=MY_GROUP,dc=FOO,dc=FOO2
2020-10-31 18:32:25.384 DEBUG 21100 --- [nio-8080-exec-4] o.s.s.l.a.BindAuthenticator : Retrieving attributes...
2020-10-31 18:32:25.408 DEBUG 21100 --- [nio-8080-exec-4] .s.s.l.u.DefaultLdapAuthoritiesPopulator : Getting authorities for user cn=MY_USERNAME,ou=MY_GROUP,dc=FOO,dc=FOO2
2020-10-31 18:32:25.408 DEBUG 21100 --- [nio-8080-exec-4] .s.s.l.u.DefaultLdapAuthoritiesPopulator : Searching for roles for user 'MY_USERNAME', DN = 'cn=MY_USERNAME,ou=MY_GROUP,dc=FOO,dc=FOO2', with filter (uniqueMember={0}) in search base ''
2020-10-31 18:32:25.409 DEBUG 21100 --- [nio-8080-exec-4] o.s.s.ldap.SpringSecurityLdapTemplate : Using filter: (uniqueMember=cn=MY_USERNAME,ou=MY_GROUP,dc=FOO,dc=FOO2)
2020-10-31 18:32:25.490 DEBUG 21100 --- [nio-8080-exec-4] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@18100b72
2020-10-31 18:32:25.490 DEBUG 21100 --- [nio-8080-exec-4] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2020-10-31 18:32:25.490 DEBUG 21100 --- [nio-8080-exec-4] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2020-10-31 18:32:25.494 ERROR 21100 --- [nio-8080-exec-4] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception
org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 00002020: Operation unavailable without authentication]; remaining name ''
这是我的application.properties:
spring.ldap.embedded.base-dn=dc=FOO,dc=FOO2
spring.ldap.embedded.port=8389
spring.ldap.urls=ldap://xx.x.x.xx:389/dc=FOO,dc=FOO2
spring.ldap.embedded.validation.enabled=false
spring.ldap.base=ou=MY_GROUP,dc=FOO,dc=FOO2
以及扩展WebSecurity配置适配器的cofig类:
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception
{
auth
.ldapAuthentication()
.userDnPatterns("cn={0},ou=MY_GROUP")
.contextSource()
.url("ldap://xx.x.x.xx:389/dc=FOO,dc=FOO2");
}
@Override
protected void configure(HttpSecurity http) throws Exception
{
http
.authorizeRequests()
.anyRequest().fullyAuthenticated()
.and()
.formLogin().permitAll()
.and()
.logout().permitAll();
}