How to use Spring Ldap Authentication

非 Y 不嫁゛ submitted on 2019-11-30 23:34:29

I found these articles helpful for setting up a login form with Spring Security; however, they do not use JSF:

http://www.mkyong.com/spring-security/spring-security-hello-world-example/

http://www.mkyong.com/spring-security/spring-security-form-login-example/

I also found this article helpful for using LDAP as the authentication provider. It does not use ldapTemplate, but uses the spring-security configuration (spring-security.xml in the article):

http://krams915.blogspot.com/2011/01/spring-security-mvc-using-ldap.html

Kul Bhushan Prasad

This is how I am using LDAP for authentication:

  1. Import Maven dependencies

    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
      <groupId>org.springframework.security</groupId>
      <artifactId>spring-security-ldap</artifactId>
      <version>4.0.2.RELEASE</version>
    </dependency>
    
  2. Write your implementation of WebSecurityConfigurerAdapter:

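    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.env.Environment;
    import org.springframework.ldap.core.support.LdapContextSource;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    @Configuration
    @EnableWebSecurity
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

        private static final String SSO_HEADER = "AUTH_USER";

        public static final String ADMIN = "ROLE_ADMIN";
        public static final String USER = "ROLE_USER";
        public static final String ANONYMOUS = "ROLE_ANONYMOUS";

        @Autowired
        Environment env;

        @Override
        protected void configure(HttpSecurity http) throws Exception {

            http.authorizeRequests()
                    // The paths listed here are reachable without authentication
                    .antMatchers("/css/**","/js/**","/images/**","/fonts/**","/api/**","/sendRedirect/**","/test/**").permitAll()
                    // Everything else requires a full (not remember-me) login via the form at /login
                    .anyRequest().fullyAuthenticated().and().formLogin().loginPage("/login")
                    .failureUrl("/login?error").permitAll()
                    .and()
                    .logout()
                    .deleteCookies("remove")
                    .invalidateHttpSession(true)
                    .logoutUrl("/logout")
                    .logoutSuccessUrl("/login?logout")
                    .and()
                // Cross-site request forgery is turned off for RESTful API calls with the assumption that
                // authentication will be sufficient protection
                .csrf().ignoringAntMatchers("/api/**", "/space/{\\d+}/**", "/admin/**");
        }

        // Returns the AuthenticationManager built by this adapter
        @Override
        public AuthenticationManager authenticationManagerBean()
            throws Exception
        {
            return authenticationManager();
        }

        @Configuration
        protected static class AuthenticationConfiguration extends
                GlobalAuthenticationConfigurerAdapter {

            @Autowired
            Environment env;

            // Bind authentication: the login name replaces {0} and the resulting DN
            // (relative to the context source base) is bound with the submitted password
            @Override
            public void init(AuthenticationManagerBuilder auth) throws Exception {
                auth.ldapAuthentication().userDnPatterns("cn={0}")
                        .contextSource(contextSource());
            }

            // Server URL, base DN and the manager account are read from the Environment;
            // getRequiredProperty throws if a key is missing
            @Bean
            public LdapContextSource contextSource() {
                LdapContextSource contextSource = new LdapContextSource();
                contextSource.setUrl(env.getRequiredProperty("ldap.url"));
                contextSource.setBase(env.getRequiredProperty("ldap.base"));
                contextSource.setUserDn(env.getRequiredProperty("ldap.username"));
                contextSource.setPassword(env.getRequiredProperty("ldap.password"));
                return contextSource;
            }
        }

    }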
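
The following is an added example, not code from either answer or from Spring Security: a JDK-only sketch of how a `cn={0}` pattern plus the context source base becomes the DN used for the bind, and why the login name has to be escaped as an RDN value first. The class name `UserDnPatternDemo`, the base `dc=example,dc=com` and the sample logins are assumptions, and `Rdn.escapeValue` stands in here for the encoding the library applies itself.

```java
import java.text.MessageFormat;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class UserDnPatternDemo {

    // Same pattern as userDnPatterns("cn={0}") in the configuration above.
    static final String PATTERN = "cn={0}";
    // Constructed stand-in for the value of the ldap.base property.
    static final String BASE = "dc=example,dc=com";

    /** Substitutes the login name into the pattern, escaped as an RDN value. */
    static String bindDn(String username) {
        String relative = MessageFormat.format(PATTERN, Rdn.escapeValue(username));
        return relative + "," + BASE;
    }

    /** True if the DN is exactly one cn RDN under BASE and the cn is the login name. */
    static boolean isSingleUserEntry(String dn, String username) {
        try {
            LdapName name = new LdapName(dn);
            int expected = new LdapName(BASE).size() + 1;
            Rdn leaf = name.getRdn(name.size() - 1); // index 0 is the rightmost RDN
            return name.size() == expected
                    && "cn".equalsIgnoreCase(leaf.getType())
                    && username.equals(leaf.getValue());
        } catch (InvalidNameException e) {
            return false; // not a well-formed DN
        }
    }

    public static void main(String[] args) {
        // Constructed login names, two of them containing DN special characters.
        String[] logins = { "jdoe", "Doe, John", "jdoe,ou=service" };
        for (String login : logins) {
            String escaped = bindDn(login);
            String raw = MessageFormat.format(PATTERN, login) + "," + BASE; // no escaping
            System.out.printf("%-16s escaped: %-40s ok=%b | raw ok=%b%n",
                    login, escaped, isSingleUserEntry(escaped, login),
                    isSingleUserEntry(raw, login));
        }
    }
}
```

With escaping, every login stays a single `cn` entry directly under the base; without it, the two logins containing commas either fail to parse or resolve to a DN with an extra level.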
    