2

我可以有一个 Spring Security 项目,在该项目中我针对 LDAP 进行身份验证并针对数据库为经过身份验证的用户设置权限吗?

谢谢!

4

2 回答 2

1

我已经解决了这个问题,答案在上面:

<authentication-manager >
    <authentication-provider ref="ldapAuthProvider" />            
</authentication-manager>


<beans:bean id="contextSource"
    class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">        
<beans:constructor-arg value="ldap://IP:port/...."/>

</beans:bean>

<beans:bean id="ldapAuthProvider"
   class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
    <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
    <beans:constructor-arg ref="contextSource"/>
    <beans:property name="userSearch" ref="ldapUserSearch" />
    </beans:bean>
    </beans:constructor-arg>
    <beans:constructor-arg>
    <beans:bean
    class="prpa.athos.security.listener.MyLDAPAuthorities">
    </beans:bean>
    </beans:constructor-arg>
    </beans:bean>
    <beans:bean id="authenticationSuccessListener"   
    class="prpa.athos.security.listener.AuthenticationSuccessListener">
    </beans:bean>        
    <beans:bean id="ldapUserSearch"   
    class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
    <beans:constructor-arg index="0" value=""/>
    <beans:constructor-arg index="1" value="(uid={0})"/>
    <beans:constructor-arg index="2" ref="contextSource" />
    </beans:bean>

在 MyLDAPAuthorities 类上,我实现了 LdapAuthoritiesPopulator 类获取权限表单数据库。

于 2012-09-12T13:13:55.523 回答
0

是的,您将需要一个LdapBindAuthenticator基于 DAO 的AuthoritiesPopulator.

于 2012-09-06T18:36:26.317 回答