Spring boot 通过Spring security ldap验证用户时未授予任何权限错误
我正在尝试使用SpringBoot通过LDAP服务器对用户进行身份验证,我已经成功地确认了LDAP。现在,当我使用authenticationManager()对用户凭据进行身份验证时,我得到了Spring boot 通过Spring security ldap验证用户时未授予任何权限错误,spring-boot,spring-security,ldap,spring-ldap,spring-security-ldap,Spring Boot,Spring Security,Ldap,Spring Ldap,Spring Security Ldap,我正在尝试使用SpringBoot通过LDAP服务器对用户进行身份验证,我已经成功地确认了LDAP。现在,当我使用authenticationManager()对用户凭据进行身份验证时,我得到了未授予任何权限的错误。 我尝试了几段代码,但没有找到任何合适的解决方案,或者可能是我在整个身份验证过程中遗漏了一些要点 控制器: @RequestMapping(value = "/login", method = RequestMethod.POST) // public ResponseEntity
未授予任何权限的错误。
我尝试了几段代码,但没有找到任何合适的解决方案,或者可能是我在整个身份验证过程中遗漏了一些要点
控制器:
@RequestMapping(value = "/login", method = RequestMethod.POST)
// public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginRequest loginRequest, BindingResult result){
public ResponseEntity<?> authenticateUser(@Valid @ModelAttribute LoginRequest loginRequest, BindingResult result){
ResponseEntity<?> errorMap = mapValidationErrorService.getMapValidationErrors(result);
if(errorMap != null) return errorMap;
String jwt = null;
try {
Authentication authentication = authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword()) );
System.out.println("test : "+authentication.toString());
SecurityContextHolder.getContext().setAuthentication(authentication);
jwt = TOKEN_PREFIX + tokenProvider.generateToken(authentication);
}catch (Exception e) {
return new ResponseEntity<>("Not Authorized", HttpStatus.FORBIDDEN);
}
验证结果为:
test : org.springframework.security.authentication.UsernamePasswordAuthenticationToken@58d6c26a: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@a7293dae: Dn: mail=email@gmail.com,ou=projectName,o=companyName; Username: email@gmail.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Not granted any authorities; Credentials: [PROTECTED]; Authenticated: true; Details: null; Not granted any authorities
请帮我解决这个问题。如何避免未授予权限的错误。
提前谢谢 更新安全配置类而不是第一个配置方法(AuthenticationManagerBuilder)使用:
此外,autowire LDAPauthorities Populator更新安全配置类而不是第一个配置方法(AuthenticationManagerBuilder)使用:
另外,autowire LDAPauthorities Populator您是否能够解决此问题?我面临着同样的问题。是的,我能够解决这个问题。我更改了安全配置,尝试使用ldapAuthoritiesPopulator。非常感谢您在解决问题之前?我面临着同样的问题。是的,我能够解决这个问题。我更改了安全配置,尝试使用ldapAuthoritiesPopulator。非常感谢
test : org.springframework.security.authentication.UsernamePasswordAuthenticationToken@58d6c26a: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@a7293dae: Dn: mail=email@gmail.com,ou=projectName,o=companyName; Username: email@gmail.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Not granted any authorities; Credentials: [PROTECTED]; Authenticated: true; Details: null; Not granted any authorities
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.userDnPatterns(userDnPattern)
.contextSource()
.url(url+baseDn)
.managerDn(ldapSecurityPrincipal)
.managerPassword(ldapPrincipalPassword)
.and()
.ldapAuthoritiesPopulator(myAuthPopulator);
}