Spring boot 使用springboot的restfulldap身份验证服务

我正在编写一个程序，验证通过HTTP POST发送的用户名和密码，并根据ldap进行验证，然后将响应发送回用户，无论验证是否成功

我的Web安全配置器实现

package hello;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.LdapShaPasswordEncoder;

import org.springframework.boot.autoconfigure.security.SecurityProperties;

@Configuration
@Order(SecurityProperties.IGNORED_ORDER)
public class ApplicationSecurity extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated();
        http.csrf().disable();

    }

    @SuppressWarnings("deprecation")
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .ldapAuthentication()
                .userDnPatterns("uid={0},ou=people")
                .groupSearchBase("ou=groups")
                .contextSource()
                    .url("ldap://localhost:8389/dc=springframework,dc=org")
                    .and()
                .passwordCompare()
                    .passwordEncoder(new LdapShaPasswordEncoder())
                    .passwordAttribute("userPassword");
    }

}

My test-server.ldif

dn: dc=springframework,dc=org
objectclass: top
objectclass: domain
objectclass: extensibleObject
dc: springframework

dn: ou=groups,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: groups

dn: ou=subgroups,ou=groups,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: subgroups

dn: ou=people,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: people

dn: ou=space cadets,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: space cadets

dn: ou=\"quoted people\",dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: "quoted people"

dn: ou=otherpeople,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: otherpeople

dn: uid=ben,ou=people,dc=springframework,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Ben Alex
sn: Alex
uid: ben
userPassword: {SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=

dn: uid=bob,ou=people,dc=springframework,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Bob Hamilton
sn: Hamilton
uid: bob
userPassword: bobspassword
.
.

我在application.properties中也定义了这个。 spring.ldap.embedded.ldif=classpath:test-server.ldif

dn: dc=springframework,dc=org
objectclass: top
objectclass: domain
objectclass: extensibleObject
dc: springframework

dn: ou=groups,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: groups

dn: ou=subgroups,ou=groups,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: subgroups

dn: ou=people,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: people

dn: ou=space cadets,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: space cadets

dn: ou=\"quoted people\",dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: "quoted people"

dn: ou=otherpeople,dc=springframework,dc=org
objectclass: top
objectclass: organizationalUnit
ou: otherpeople

dn: uid=ben,ou=people,dc=springframework,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Ben Alex
sn: Alex
uid: ben
userPassword: {SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=

dn: uid=bob,ou=people,dc=springframework,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Bob Hamilton
sn: Hamilton
uid: bob
userPassword: bobspassword
.
.

我试图发布来自邮递员的数据，我得到了403的任何值的响应

我不明白为什么它会给403。 谁能理解我做错了什么。谢谢

以下是更新的安全日志：

2019-09-03 10:11:56.942调试9040---[nio-8080-exec-2] o、 s.security.web.FilterChainProxy:/rest/hello位于位置1 在额外的过滤链中增加10个；点火过滤器： “WebAsyncManagerIntegrationFilter”2019-09-03 10:11:56.944调试9040 ---[nio-8080-exec-2]o.s.security.web.FilterChainProxy:/rest/hello位于附加过滤器链中10个位置中的第2个位置；发射 过滤器：“SecurityContextPersistenceFilter”2019-09-03 10:11:56.944 调试9040---[nio-8080-exec-2] w、 c.HttpSessionSecurityContextRepository:当前没有HttpSession 存在2019-09-03 10:11:56.945调试9040---[nio-8080-exec-2] w、 c.HttpSessionSecurityContextRepository:未找到SecurityContext 可从HttpSession获得：null。将创建一个新的。 2019-09-03 10:11:56.947调试9040---[nio-8080-exec-2] o、 s.security.web.FilterChainProxy:/rest/hello位于位置3 在额外的过滤链中增加10个；触发过滤器：“HeaderWriterFilter” 2019-09-03 10:11:56.948调试9040---[nio-8080-exec-2] o、 s.security.web.FilterChainProxy:/rest/hello位于位置4 在额外的过滤链中增加10个；正在启动筛选器：“注销筛选器” 2019-09-03 10:11:56.948调试9040---[nio-8080-exec-2] o、 s.s.web.util.matcher.OrRequestMatcher:尝试使用Ant进行匹配 [pattern='/logout'，GET]2019-09-0310:11:56.949调试9040--- [nio-8080-exec-2]o.s.s.w.u.matcher.AntPathRequestMatcher:正在检查 请求匹配：'/rest/hello'；2019-09-03针对“/注销” 10:11:56.949调试9040---[nio-8080-exec-2] o、 s.s.web.util.matcher.OrRequestMatcher:尝试使用Ant进行匹配 [pattern='/logout'，POST]2019-09-0310:11:56.949调试9040--- [nio-8080-exec-2]o.s.s.w.u.matcher.AntPathRequestMatcher:请求 “GET/rest/hello”与“POST/logout”不匹配2019-09-03 10:11:56.949 调试9040---[nio-8080-exec-2] o、 s.s.web.util.matcher.OrRequestMatcher:尝试使用Ant进行匹配 [pattern='/logout'，PUT]2019-09-0310:11:56.950调试9040--- [nio-8080-exec-2]o.s.s.w.u.matcher.AntPathRequestMatcher:请求 “GET/rest/hello”与“PUT/logout”不匹配2019-09-03 10:11:56.950 调试9040---[nio-8080-exec-2] o、 s.s.web.util.matcher.OrRequestMatcher:尝试使用Ant进行匹配 [pattern='/logout'，DELETE]2019-09-0310:11:56.950调试9040--- [nio-8080-exec-2]o.s.s.w.u.matcher.AntPathRequestMatcher:请求 “GET/rest/hello”与“DELETE/logout”2019-09-03不匹配 10:11:56.950调试9040---[nio-8080-exec-2] o、 s.s.web.util.matcher.OrRequestMatcher:未找到匹配项2019-09-03 10:11:56.951调试9040---[nio-8080-exec-2] o、 s.security.web.FilterChainProxy:/rest/hello位于位置5 在额外的过滤链中增加10个；点火过滤器： “RequestCacheAwareFilter”2019-09-03 10:11:56.951调试9040--- [nio-8080-exec-2]o.s.s.w.s.HttpSessionRequestCache:已保存 请求与2019-09-03 10:11:56.951调试9040不匹配--- [nio-8080-exec-2]o.s.security.web.FilterChainProxy： /在附加过滤器链的10个位置中的第6个位置休息/问候；发射 筛选器：“SecurityContextHolderAwareRequestFilter”2019-09-03 10:11:56.953调试9040---[nio-8080-exec-2] o、 s.security.web.FilterChainProxy:/rest/hello位于位置7 在额外的过滤链中增加10个；点火过滤器： “匿名身份验证过滤器”2019-09-03 10:11:56.958调试9040--- [nio-8080-exec-2]o.s.s.w.a.AnonymousAuthenticationFilter:已填充 具有匿名令牌的SecurityContextHolder： 'org.springframework.security.authentication。AnonymousAuthenticationToken@938ad544: 负责人：匿名用户；凭据：[受保护]；认证： 是的；细节： org.springframework.security.web.authentication。WebAuthenticationDetails@b364: RemoteIP地址：0:0:0:0:0:0:0:0:0:1；SessionId:null；授予 权威：ROLE_ANONYMOUS'2019-09-03 10:11:56.958调试9040--- [nio-8080-exec-2]o.s.security.web.FilterChainProxy： /在附加过滤器链的10个位置中的第8个位置休息/问候；发射 筛选器：“会话管理筛选器”2019-09-03 10:11:56.958调试9040 ---[nio-8080-exec-2]o.s.s.w.session.SessionManagement筛选器：请求的会话ID 84F3D9D1165FFEE7008EDB2FA99B0D88无效。 2019-09-03 10:11:56.958调试9040---[nio-8080-exec-2] o、 s.security.web.FilterChainProxy:/rest/hello位于位置9 在额外的过滤链中增加10个；点火过滤器： “ExceptionTranslationFilter”2019-09-03 10:11:56.959调试9040--- [nio-8080-exec-2]o.s.security.web.FilterChainProxy： /在附加过滤器链的10/10位置休息/问候；发射 过滤器：“过滤器安全接收器”2019-09-03 10:11:56.960调试9040 ---[nio-8080-exec-2]o.s.s.w.a.i.FilterSecurityInterceptor:安全对象：过滤器职业：URL:/rest/hello；属性： [已验证]2019-09-03 10:11:56.960调试9040--- [nio-8080-exec-2]o.s.s.w.a.i.过滤器安全接口： 先前认证： org.springframework.security.authentication。AnonymousAuthenticationToken@938ad544: 负责人：匿名用户；凭据：[受保护]；认证： 是的；细节： org.springframework.security.web.authentication。WebAuthenticationDetails@b364: RemoteIP地址：0:0:0:0:0:0:0:0:0:1；SessionId:null；授予 授权机构：ROLE_ANONYMOUS 2019-0