Java: JHipster with LDAP authentication
I started using JHipster a few weeks ago, and everything has been fine until now. I would like LDAP authentication to be used at the same time as JHipster's default authentication. I followed this, but it doesn't work as planned. Actually, my configuration connects to the LDAP server fine, and by looking at the logs I know that the login searches the LDAP server and compares the password. The problem is that the login fails with the following error:
UT005023: Exception handling request to /api/authentication
org.springframework.security.core.userdetails.UsernameNotFoundException: User nseys was not found in the database
at com.mycompany.myapp.security.PersistentTokenRememberMeServices.lambda$onLoginSuccess$1(PersistentTokenRememberMeServices.java:116)
at java.util.Optional.orElseThrow(Optional.java:290)
at com.mycompany.myapp.security.PersistentTokenRememberMeServices.onLoginSuccess(PersistentTokenRememberMeServices.java:116)
at org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices.loginSuccess(AbstractRememberMeServices.java:294)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
...
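The thing is, I would like JHipster to automatically create the user in the database when a user with the mapped parameters does not exist there (but only when it is an LDAP user), and to just log in if the user has already been created.
I have also searched for a Spring Security solution, but the implementations are too far from the initial files created by JHipster, and I don't want to break all of that. I tried something that works. I don't know whether this is how I should do it, but since I didn't find anything related and it isn't documented, I will stick with this solution unless I find a better one.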
// PersistentTokenRememberMeServices.java
protected void onLoginSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication successfulAuthentication) {
    String login = successfulAuthentication.getName();
    log.debug("Creating new persistent login for user {}", login);
    PersistentToken t = new PersistentToken();
    t.setSeries(RandomUtil.generateSeriesData());
    t.setTokenValue(RandomUtil.generateTokenData());
    t.setTokenDate(LocalDate.now());
    t.setIpAddress(request.getRemoteAddr());
    t.setUserAgent(request.getHeader("User-Agent"));
    // Attach the local account to the token; null means the user is not in the database yet
    PersistentToken token = userRepository.findOneByLogin(login).map(u -> {
        t.setUser(u);
        return t;
    }).orElse(null);
    if (token == null) {
        // Auto-create the account only for principals built by the LDAP context mapper.
        // Testing for CustomLdapUserDetails (not just LdapUserDetails) keeps the cast below safe.
        if (successfulAuthentication.getPrincipal() instanceof CustomLdapUserDetails) {
            User ldapUser = new User();
            ldapUser.setLogin(login);
            ldapUser.setPassword(RandomStringUtils.random(60)); // We use the LDAP password, but the password needs to be set
            ldapUser.setActivated(true);
            CustomLdapUserDetails customLdapUserDetails = (CustomLdapUserDetails) successfulAuthentication.getPrincipal();
            ldapUser.setEmail(customLdapUserDetails.getEmail());
            ldapUser.setFirstName(customLdapUserDetails.getFirstName());
            ldapUser.setLastName(customLdapUserDetails.getLastName());
            // New LDAP users start with the basic role only
            Set<Authority> authorities = new HashSet<>();
            authorities.add(this.authorityRepository.findOneByName("ROLE_USER"));
            ldapUser.setAuthorities(authorities);
            ldapUser.setLangKey("fr");
            userRepository.save(ldapUser);
            t.setUser(ldapUser);
            token = t;
        } else {
            throw new UsernameNotFoundException("User " + login + " was not found in the database");
        }
    }
    ...
}
I added a contextMapper to get the attributes from the LDAP server:
// SecurityConfiguration.java
@Bean
public UserDetailsContextMapper userDetailsContextMapper() {
    return new LdapUserDetailsMapper() {
        @Override
        public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) {
            UserDetails details = super.mapUserFromContext(ctx, username, authorities);
            return new CustomLdapUserDetails((LdapUserDetails) details, ctx);
        }
    };
}

@Inject
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    LdapContextSource contextSource = new LdapContextSource();
    contextSource.setUrl(applicationProperties.getLdap().getUrl());
    contextSource.setBase(applicationProperties.getLdap().getBase());
    contextSource.setUserDn(applicationProperties.getLdap().getUserDn());
    contextSource.setPassword(applicationProperties.getLdap().getPassword());
    contextSource.afterPropertiesSet(); // needed, otherwise you will have a NullPointerException in Spring
    auth.ldapAuthentication()
        .userDetailsContextMapper(userDetailsContextMapper())
        .userSearchBase(applicationProperties.getLdap().getSearchBase()) // don't add the base
        .userSearchFilter(applicationProperties.getLdap().getSearchFilter())
        .contextSource(contextSource);
}
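The answer's code constructs and casts to CustomLdapUserDetails but the page does not show that class. The following is an added example, not the answer author's code, of one way to write it so that it fits the constructor call and getters used above; the LDAP attribute names mail, givenName and sn are assumptions (the usual inetOrgPerson attributes) and depend on the directory schema.

```java
import java.util.Collection;

import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.ldap.userdetails.LdapUserDetails;

/**
 * Added example, not the answer author's class: wraps the LdapUserDetails built by
 * LdapUserDetailsMapper and copies the profile attributes out of the LDAP entry.
 * The attribute names "mail", "givenName" and "sn" are assumptions (inetOrgPerson).
 */
public class CustomLdapUserDetails implements LdapUserDetails {

    private static final long serialVersionUID = 1L;

    private final LdapUserDetails delegate;
    private final String email;
    private final String firstName;
    private final String lastName;

    public CustomLdapUserDetails(LdapUserDetails delegate, DirContextOperations ctx) {
        this.delegate = delegate;
        // getStringAttribute returns null when the entry lacks the attribute,
        // so callers must handle a missing value before saving the local user.
        this.email = ctx.getStringAttribute("mail");
        this.firstName = ctx.getStringAttribute("givenName");
        this.lastName = ctx.getStringAttribute("sn");
    }

    public String getEmail() { return email; }
    public String getFirstName() { return firstName; }
    public String getLastName() { return lastName; }

    // Everything else is answered by the wrapped Spring Security object.
    @Override public String getDn() { return delegate.getDn(); }
    @Override public Collection<? extends GrantedAuthority> getAuthorities() { return delegate.getAuthorities(); }
    @Override public String getPassword() { return delegate.getPassword(); }
    @Override public String getUsername() { return delegate.getUsername(); }
    @Override public boolean isAccountNonExpired() { return delegate.isAccountNonExpired(); }
    @Override public boolean isAccountNonLocked() { return delegate.isAccountNonLocked(); }
    @Override public boolean isCredentialsNonExpired() { return delegate.isCredentialsNonExpired(); }
    @Override public boolean isEnabled() { return delegate.isEnabled(); }
    @Override public void eraseCredentials() { delegate.eraseCredentials(); }
}
```

Only the three profile strings are copied out of the directory entry; the DirContextOperations object itself is not stored, which keeps the principal serializable for the HTTP session.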