Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/12.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring Security LDAP身份验证不会抛出任何属性或值错误_Spring_Spring Security_Ldap_Spring Security Ldap - Fatal编程技术网
Fatal编程技术网
  • spring/
  • Spring Security LDAP身份验证不会抛出任何属性或值错误

Spring Security LDAP身份验证不会抛出任何属性或值错误

spring spring-security ldap

Spring Security LDAP身份验证不会抛出任何属性或值错误,spring,spring-security,ldap,spring-security-ldap,Spring,Spring Security,Ldap,Spring Security Ldap,在遵循spring.io指南时,我无法针对真实的LDAP/AD进行身份验证: 当对真实的AD/LADP进行自动验证时,我遇到的问题是: org.springframework.security.authentication.InternalAuthenticationServiceException: [LDAP: error code 16 - 00002080: AtrErr: DSID-03080155, #1: 0: 00002080: DSID-03080155, proble

在遵循spring.io指南时,我无法针对真实的LDAP/AD进行身份验证:

当对真实的AD/LADP进行自动验证时,我遇到的问题是:

org.springframework.security.authentication.InternalAuthenticationServiceException: [LDAP: error code 16 - 00002080: AtrErr: DSID-03080155, #1:
    0: 00002080: DSID-03080155, problem 1001 (NO_ATTRIBUTE_OR_VAL), data 0, Att 23 (userPassword)
]; nested exception is javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00002080: AtrErr: DSID-03080155, #1:
0: 00002080: DSID-03080155, problem 1001 (NO_ATTRIBUTE_OR_VAL), data 0, Att 23 (userPassword)
]; remaining name 'CN=olahell,OU=Consultants,OU=Production,OU=Company'
下面是我的java身份验证配置:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.ldapAuthentication()
                .userSearchFilter("(&(objectClass=user)(sAMAccountName={0}))")
                .contextSource()
                .url("ldap://company-dc02.company.local:389/dc=company,dc=local")
                .managerDn("CN=olahell,OU=Consultants,OU=Production,OU=Company,DC=company,DC=local")
                .managerPassword("myPassword")
            .and()
                .passwordCompare()
                .passwordEncoder(new LdapShaPasswordEncoder())
                .passwordAttribute("userPassword");
}
我需要做的是使用
bindeauthenticator
,LDAP的配置如下:

@Bean
public AuthenticationProvider ldapAuthenticationProvider() throws Exception {
        String ldapServerUrl = "ldap://company-dc02.bergsala.local:389/dc=company,dc=local";
        DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(ldapServerUrl);
        String ldapManagerDn = "CN=olahell,OU=Consultants,OU=Production,OU=Company,DC=company,DC=local";
        contextSource.setUserDn(ldapManagerDn);
        String ldapManagerPassword = "myPassword";
        contextSource.setPassword(ldapManagerPassword);
        contextSource.setReferral("follow");
        contextSource.afterPropertiesSet();
        LdapUserSearch ldapUserSearch = new FilterBasedLdapUserSearch("", "(&(objectClass=user)(sAMAccountName={0}))", contextSource);
        BindAuthenticator bindAuthenticator = new BindAuthenticator(contextSource);
        bindAuthenticator.setUserSearch(ldapUserSearch);
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, new EmsLdapAuthoritiesPopulator(contextSource, ""));
        return ldapAuthenticationProvider;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(ldapAuthenticationProvider());
    }
注意:
EmsLdapAuthoritiesPopulator
扩展了
defaultldaAuthoritiesPopulator
并覆盖了
#getAdditionalRoles
,使我能够为用户设置额外的角色