Tomcat Spring LDAP失败
我有一个AngularJS-Spring应用程序,它成功地使用了LDAP。我将它的设置复制到Spring-GWT应用程序中,但它们失败了 错误的关键部分似乎是: org.springframework.security.authentication.InternalAuthenticationServiceException:无效的属性描述;嵌套异常为javax.naming.directory.InvalidSearchFilterException:无效的属性描述;剩余名称“ou=Users,ou=MCR,dc=mfad,dc=mfroot,dc=org” application.security.xml:Tomcat Spring LDAP失败,tomcat,spring-security,spring-ldap,Tomcat,Spring Security,Spring Ldap,我有一个AngularJS-Spring应用程序,它成功地使用了LDAP。我将它的设置复制到Spring-GWT应用程序中,但它们失败了 错误的关键部分似乎是: org.springframework.security.authentication.InternalAuthenticationServiceException:无效的属性描述;嵌套异常为javax.naming.directory.InvalidSearchFilterException:无效的属性描述;剩余名称“ou=Users
<?xml version = "1.0" encoding = "UTF-8"?>
<beans:beans xmlns = "http://www.springframework.org/schema/security"
xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans = "http://www.springframework.org/schema/beans"
xmlns:util = "http://www.springframework.org/schema/util"
xsi:schemaLocation = "http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-4.3.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.2.xsd">
<!-- HTTP security configurations -->
<http auto-config = 'true' use-expressions = "false" >
<intercept-url pattern = "/j_spring_security_check" access = "IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern = "/login" access = "IS_AUTHENTICATED_ANONYMOUSLY"/>
<intercept-url pattern = "/Login.html" access = "IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern = "/img/favicon.ico" access = "IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern = "/**" access = "IS_AUTHENTICATED_FULLY" />
<logout logout-success-url = "/Login.html" />
<form-login login-page = "/Login.html" default-target-url = "/index.gwt.html" always-use-default-target = "true"
login-processing-url = "/j_spring_security_check" username-parameter = "username" password-parameter = "password" />
<session-management invalid-session-url = "/Login.html"
session-authentication-error-url = "/Login.html"
session-fixation-protection = "newSession">
<concurrency-control max-sessions = "1" error-if-maximum-exceeded = "false" />
</session-management>
</http>
<ldap-server {Our settings} />
<authentication-manager alias = "authenticationManager">
<ldap-authentication-provider
group-search-filter = "cn = {0}"
group-search-base = "OU = Groups,OU = MCR,DC = mfad,DC = mfroot,DC = org"
user-search-base = "OU = Users,OU = MCR,DC = mfad,DC = mfroot,DC = org"
user-search-filter = "cn = {0}"
user-details-class = "inetOrgPerson">
</ldap-authentication-provider>
</authentication-manager>
</beans:beans>
LDAP搜索筛选器用括号括起来。@EJP如果您这样回答,我会将您标记为已成功回答了我的问题
ERROR [http-nio-8080-exec-6] (AbstractAuthenticationProcessingFilter.java:218) - An internal error occurred while trying to authenticate the user.
org.springframework.security.authentication.InternalAuthenticationServiceException: invalid attribute description; nested exception is javax.naming.directory.InvalidSearchFilterException: invalid attribute description; remaining name 'ou=Users,ou=MCR,dc=mfad,dc=mfroot,dc=org'
at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:191)
at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:80)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:177)
at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:92)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:617)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.springframework.ldap.InvalidSearchFilterException: invalid attribute description; nested exception is javax.naming.directory.InvalidSearchFilterException: invalid attribute description; remaining name 'ou=Users,ou=MCR,dc=mfad,dc=mfroot,dc=org'
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:143)
at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:820)
at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:803)
at org.springframework.security.ldap.SpringSecurityLdapTemplate.searchForSingleEntry(SpringSecurityLdapTemplate.java:194)
at org.springframework.security.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:116)
at org.springframework.security.ldap.authentication.BindAuthenticator.authenticate(BindAuthenticator.java:90)
at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:178)
... 37 more
Caused by: javax.naming.directory.InvalidSearchFilterException: invalid attribute description; remaining name 'ou=Users,ou=MCR,dc=mfad,dc=mfroot,dc=org'
at com.sun.jndi.ldap.Filter.encodeSimpleFilter(Filter.java:437)
at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:171)
at com.sun.jndi.ldap.Filter.encodeFilterString(Filter.java:74)
at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:548)
at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
at org.springframework.security.ldap.SpringSecurityLdapTemplate.searchForSingleEntryInternal(SpringSecurityLdapTemplate.java:208)
at org.springframework.security.ldap.SpringSecurityLdapTemplate$3.executeWithContext(SpringSecurityLdapTemplate.java:196)
at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:817)
... 42 more