2

在验证用户身份时出现以下异常:

如果我像这样在 applicationContext 中使用值:

<property name="url" value="ldap://10.10.10.10:389/DC=lab2,DC=ins" />
<property name="base" value="DC=lab2,DC=ins" />
<property name="userDn" value="CN=Ldap Bind,OU=Service Accounts,OU=TECH,DC=lab2,DC=ins" />

例外情况是:

Exception in thread "main" org.springframework.ldap.InvalidNameException: /: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8349, best match of:
    'DC=lab2,DC=ins/dc=lab2,dc=ins'

否则,如果应用程序上下文是这样的:

<property name="url" value="ldap://10.10.10.10:389" />
<property name="base" value="DC=lab2,DC=ins" />
<property name="userDn" value="CN=Ldap Bind,OU=Service Accounts,OU=TECH,DC=lab2,DC=ins" />

例外情况是:

Exception in thread "main" org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: lab2.ins:389 [Root exception is java.net.UnknownHostException: lab2.ins]]
    at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:205)

认证方法:

public boolean authenticate(String userName, String password) {
    AndFilter filter = new AndFilter();
    filter.and(new EqualsFilter("objectclass", "person")).and(
                new EqualsFilter("sAMAccountName", userName));
    return ldapTemplate.authenticate(DistinguishedName.EMPTY_PATH, filter
                .toString(), password);
}

应用程序上下文.xml

<bean id="contextSource"
        class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="url" value="ldap://10.10.10.10:389" />
    <property name="base" value="DC=lab2,DC=ins" />
    <property name="userDn" value="CN=Ldap Bind,OU=Service Accounts,OU=TECH,DC=lab2,DC=ins" />
    <property name="password" value="secret" />
    <property name="baseEnvironmentProperties">
        <map>
            <entry key="java.naming.referral">
                <value>follow</value>
            </entry>
        </map>
    </property>
</bean>
<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
    <constructor-arg ref="contextSource" />
</bean>
<bean id="ldapContact"
        class="ldap.ContactLDAP ">
    <property name="ldapTemplate" ref="ldapTemplate" />
</bean>

测试类:

Resource r = new ClassPathResource("applicationContext.xml");
BeanFactory factory = new XmlBeanFactory(r);
ContactLDAP contact = (ContactLDAP) factory.getBean("ldapContact"); 

System.out.println(contact.authenticate("username", "secret"));

我在这里想念什么?

4

2 回答 2

1

你不需要

<property name="base" value="DC=lab2,DC=ins" />

与在 UserDn 中一样,您已经放置了完整的 DN。

    <bean id="contextSource"
            class="org.springframework.ldap.core.support.LdapContextSource">
            <property name="url" value="ldap://10.10.10.10:389" />
            <property name="userDn" value="CN=Ldap Bind,OU=Service Accounts,OU=TECH,DC=lab2,DC=ins" />
            <property name="password" value="secret" />

...

这应该有效。(但我会避免 DN 中的空格)

于 2012-09-11T15:28:55.697 回答
0

可分辨名称中有一个斜线/字符。虽然这是 DN 中的合法字符,但它可能应该是逗号,。另见专有名称

于 2012-08-28T17:10:20.563 回答