Spring security Spring安全性-LDAP-BadCredentialsException：_Spring Security_Ldap

Spring security Spring安全性-LDAP-BadCredentialsException：

spring-security ldap

Spring security Spring安全性-LDAP-BadCredentialsException：,spring-security,ldap,Spring Security,Ldap,我无法使用spring security验证用户，我得到一个BadCredentailException。我的spring安全配置是： <bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> <constructor-arg value="ldaps://ldaps.prod.sam.com:636"/>

我无法使用spring security验证用户，我得到一个BadCredentailException。我的spring安全配置是：

<bean id="contextSource"
      class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <constructor-arg value="ldaps://ldaps.prod.sam.com:636"/>
    <property name="userDn" value="CN=!testUser1,OU=Service Accounts,OU=User Accounts,DC=prod,DC=sam,DC=com"/>
    <property name="password" value="!!testPass1!!"/>
    <property name="referral" value="follow"/>
</bean>
<bean class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch" id="ldapSearchBean">
    <constructor-arg value="OU=User Accounts,DC=prod,DC=sam,DC=com"/>
    <constructor-arg value="(sAMAccountName={0})"/>
    <constructor-arg ref="contextSource"/>
    <property name="searchSubtree" value="true"/>
</bean>
<bean class="org.springframework.security.ldap.authentication.BindAuthenticator" id="ldapBindAuthenticator">
    <constructor-arg ref="contextSource"/>
    <property name="userSearch" ref="ldapSearchBean"/>
</bean>
<bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator" id="ldapAuthoritiesPopulator">
    <constructor-arg value="ou=Groups"/>
    <constructor-arg ref="contextSource"/>
    <property name="groupRoleAttribute" value="memberOf"/>
</bean>
<bean class="org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper" id="ldapUserDetailsContextMapper">
</bean>
<bean id="ldapAuthProvider"        class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
    <constructor-arg ref="ldapBindAuthenticator"/>
    <constructor-arg ref="ldapAuthoritiesPopulator"/>
    <property name="useAuthenticationRequestCredentials" value="false"/>
    <property name="userDetailsContextMapper" ref="ldapUserDetailsContextMapper" />
</bean>
<security:authentication-manager alias="authenticationManager" >
    <security:authentication-provider ref="ldapAuthProvider"/>
</security:authentication-manager>

当我逐步验证ldap用户成功时，失败的是测试用户验证。我认为问题在于基本路径。有人能告诉我遗漏了什么吗？

使用

ldapsearch

命令行实用程序测试配置，尝试验证与目录服务器的连接

另见

问题在于搜索bean。如果我在ContextSourcebean中使用相同的用户和密码绑定到ldap，它就会工作。需要弄清楚如何在搜索bean中调整基本路径。

org.springframework.security.authentication.BadCredentialsException: Bad credentials
at org.springframework.security.ldap.authentication.BindAuthenticator.authenticate(BindAuthenticator.java:95)
at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:178)
at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:61)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)