Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/logging/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java Spring安全LDAP检查空密码_Java_Spring_Spring Security_Ldap - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java Spring安全LDAP检查空密码

Java Spring安全LDAP检查空密码

java spring spring-security ldap

Java Spring安全LDAP检查空密码,java,spring,spring-security,ldap,Java,Spring,Spring Security,Ldap,我在我的应用程序中使用LDAP身份验证。 我使用以下代码: @Override public void configure(AuthenticationManagerBuilder auth) throws Exception { String domain = customProperties.getAdDomain(); String url = customProperties.getAdUrl(); ActiveDirectoryLdapAuthenticatio

我在我的应用程序中使用LDAP身份验证。 我使用以下代码:

@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    String domain = customProperties.getAdDomain();
    String url = customProperties.getAdUrl();
    ActiveDirectoryLdapAuthenticationProvider provider = new ActiveDirectoryLdapAuthenticationProvider(domain,url);
    provider.setConvertSubErrorCodesToExceptions(true);
    provider.setUseAuthenticationRequestCredentials(true);
    provider.setUserDetailsContextMapper(userDetailsContextMapper());
    auth.authenticationProvider(provider);
    auth.userDetailsService(new MyUserDetailsService());
}
身份验证使用空密码进行。我知道我需要插入一个空密码检查,因为在这种情况下并非所有LDAP服务器都返回错误。如何以及在何处插入空白密码检查更好?

不使用ActiveDirectoryLdapAuthenticationProvider,您可以使用Spring的LdapTemplate定制实现如何针对LdapServer对用户进行身份验证。您可以参考建议并配置LDAP模板

然后,您可以创建CustomAuthenticationProvider类来处理身份验证

CustomAuthenticationProvider.class

public class CustomAuthenticationProvider implement AuthenticationProvider{

  @Autowired
  private LdapTemplate ldapTemplate;

  @Override
  public Authentication authenticate(Authentication auth) throws AuthenticationException{
    String username = auth.getName;
    String password = auth.getCredentials().toString();

    .. Your code to check whether password is blank ..

    AndFilter andFilter = new AndFilter();
    andFilter.and(new EqualFilter("<LDAP USER ATTRIBUTE>",username))
          .and(new EqualFilter("<LDAP GROUP ATTRIBUTE>","<USER GROUP>"));

    boolean isValidUser = ldapTemplate.authenticate("",andFilter.encode(),password);

    ... Your code to complete the authentication ...

{

公共类CustomAuthenticationProvider实现AuthenticationProvider{
@自动连线
私有LdapTemplate LdapTemplate;
@凌驾
公共身份验证(Authentication auth)引发AuthenticationException{
字符串username=auth.getName;
字符串密码=auth.getCredentials().toString();
..检查密码是否为空的代码。。
AndFilter AndFilter=新建AndFilter();
andFilter.and(新的EqualFilter(“,用户名))
。及(新等滤器(“,”);
布尔值isValidUser=ldapTemplate.authenticate(“,andFilter.encode(),password);
…完成身份验证的代码。。。
{
我更喜欢这种方法,因为它可以更好地控制如何对用户进行身份验证