Spring security Spring安全活动目录_Spring Security_Spring Java Config_Spring Ldap

Spring security Spring安全活动目录

spring-security

Spring security Spring安全活动目录,spring-security,spring-java-config,spring-ldap,Spring Security,Spring Java Config,Spring Ldap,我正在尝试通过SpringSecurity进行LDAP身份验证我的代码 auth.ldapAuthentication() .userSearchFilter("(uid={0})").userSearchBase("ou=TTU") .groupSearchFilter("uniqueMember={0}").groupSearchBase("ou=TTU") .contextSource(contextSource(

我正在尝试通过SpringSecurity进行LDAP身份验证

我的代码

 auth.ldapAuthentication()
            .userSearchFilter("(uid={0})").userSearchBase("ou=TTU")
            .groupSearchFilter("uniqueMember={0}").groupSearchBase("ou=TTU")
            .contextSource(contextSource())
            .passwordCompare()
                .passwordEncoder(new LdapShaPasswordEncoder())
                .passwordAttribute("userPassword");

但始终返回401“错误凭据” 什么样的错误？

也许有人有一个Java配置的例子。

它的工作。。。也许任何人都能帮上忙

       auth.authenticationProvider(ldapAuthenticationProvider());
       auth.eraseCredentials(true);



@Bean
public DefaultSpringSecurityContextSource contextSource(){

    DefaultSpringSecurityContextSource contextSource =
            new DefaultSpringSecurityContextSource(Arrays.asList("ldap://url:389/"),"dc=ttu,dc=ru");
    contextSource.setUserDn(userDn);
    contextSource.setPassword(passwordForLDAP);
    contextSource.setReferral("follow");
    return contextSource;
  }

@Bean
public LdapAuthenticationProvider ldapAuthenticationProvider(){
    return new LdapAuthenticationProvider(ldapAuthenticator(),ldapAuthoritiesPopulator());
}

@Bean
public LdapAuthenticator ldapAuthenticator(){
    BindAuthenticator authenticator = new BindAuthenticator(contextSource());
    authenticator.setUserSearch(userSearch());
    return authenticator;
}

@Bean
public DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator(){
    DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator =
            new DefaultLdapAuthoritiesPopulator(contextSource(),"ou=TTU");
    ldapAuthoritiesPopulator.setSearchSubtree(true);
    ldapAuthoritiesPopulator.setIgnorePartialResultException(true);
    //ldapAuthoritiesPopulator.setGroupSearchFilter("member={0}");
    ldapAuthoritiesPopulator.setRolePrefix("ROLE_");
    ldapAuthoritiesPopulator.setConvertToUpperCase(true);
    return ldapAuthoritiesPopulator;
}

@Bean
public FilterBasedLdapUserSearch userSearch(){
    FilterBasedLdapUserSearch filterBasedLdapUserSearch =
            new FilterBasedLdapUserSearch("","(sAMAccountName={0})",contextSource());
    filterBasedLdapUserSearch.setSearchSubtree(true);
    return filterBasedLdapUserSearch;
}