来自Ionic的Spring安全LDAP身份验证
我使用JavaSpring开发了一个后端,并通过扩展WebSecurity配置适配器添加了LDAP身份验证。我可以从邮递员那里得到认证,但我不能从爱奥尼亚那里得到 我春天的一面来自Ionic的Spring安全LDAP身份验证,spring,security,ionic-framework,ldap,Spring,Security,Ionic Framework,Ldap,我使用JavaSpring开发了一个后端,并通过扩展WebSecurity配置适配器添加了LDAP身份验证。我可以从邮递员那里得到认证,但我不能从爱奥尼亚那里得到 我春天的一面 @Configuration public class WebSecurityConfig extends WebSecurityConfigurerAdapter { //TODO: add other endpoints like /events in order to permit un-authenticate
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
//TODO: add other endpoints like /events in order to permit un-authenticated users
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/login**").anonymous()
.antMatchers("/resources/**").permitAll()
.antMatchers("/assets/**").permitAll()
.antMatchers("/").authenticated()
.antMatchers("/home").authenticated()
.antMatchers("/events/**").authenticated()
.and()
.formLogin()
.and()
.logout()
.permitAll()
.and()
.cors()
.and()
.csrf()
.disable();
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.contextSource()
.url("ldap://ldap.forumsys.com/dc=example,dc=com")
.and()
.userSearchFilter("(uid={0})")
.userSearchBase("ou=mathematicians")
.userDnPatterns("uid={0}");
}
登录控制器
@RequestMapping(value = "/")
public String home() throws NamingException {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String currentPrincipalName = authentication.getName();
return "hey, nice! = " + currentPrincipalName;
}
和我的邮递员登录;
最后,我的客户端(ionic)身份验证代码
authenticate(event) {
event.preventDefault();
const data = new URLSearchParams();
data.append("username",this.state.username);
data.append("password",this.state.password);
fetch(host + "/login", {
mode: 'no-cors',
method: 'POST',
body: data,
redirect :"follow",
headers: {
'Accept': '*/*'
},
keepalive: true
})
}
但从我的爱奥尼亚方面来看,我不能像邮递员那样得到“嘿,很好!=euler”的回答。我想我处理过CORS,但我没有找出问题所在。我回答了我的问题 我向我的package.json中添加了代理,并添加了凭证:“include”以在前端发布请求头