2

我正在使用带有 Spring Security 的 CAS + LDAP 对 Grails 2.2.3 应用程序进行用户身份验证。但是,我还想用这个应用程序创建一个简单的 API,它需要不同的身份验证方法。我想为此使用基本身份验证。但是,添加basicAuth到我的Config.groovy文件不起作用,我收到此错误:

authentication.ProviderManager Authentication attempt using org.springframework.security.cas.authentication.CasAuthenticationProvider
www.BasicAuthenticationFilter Authentication request for user: grantmc failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken

我知道我使用的是正确的凭据,所以我不确定错误到底在说什么或者我需要做什么来修复它。有没有人有任何想法?

以下是 resources.groovy 中的设置:

initialDirContextFactory(DefaultSpringSecurityContextSource, "ldap://ldap.company.com:389") {
    userDn = "CN=Admin,OU=Users,DC=company,DC=com"
    password = "password"
}

ldapUserSearch(FilterBasedLdapUserSearch,
               "OU=Users,DC=company,DC=com",
               "employeeId={0}",
               initialDirContextFactory) { }

ldapUserDetailsMapper(MyLdapUserDetailsContextMapper) { }

ldapAuthoritiesPopulator(DefaultLdapAuthoritiesPopulator,
                         initialDirContextFactory,
                         "ou=Groups,OU=Users,DC=company,DC=com") {
    groupRoleAttribute = "cn"
    groupSearchFilter = "member={0}"
    rolePrefix = ""
    searchSubtree = true
    convertToUpperCase = true
    ignorePartialResultException = true
}

userDetailsService(LdapUserDetailsService, ldapUserSearch, ldapAuthoritiesPopulator) {
    userDetailsMapper = ref('ldapUserDetailsMapper')
}

我在 config.groovy 中的设置:

grails.plugins.springsecurity.cas.serverUrlPrefix = 'https://cas.company.com/cas'
grails.plugins.springsecurity.cas.loginUri = "/login"
grails.plugins.springsecurity.cas.serviceUrl = "${grails.serverURL}/j_spring_cas_security_check"
grails.plugins.springsecurity.providerNames = ['casAuthenticationProvider']
grails.plugins.springsecurity.defaultTargetUrl = '/'
grails.plugins.springsecurity.alwaysUseDefault = false

grails.plugins.springsecurity.useBasicAuth = true
grails.plugins.springsecurity.basic.realmName = "API"
grails.plugins.springsecurity.filterChain.chainMap = [
        '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter',
        '/**': 'JOINED_FILTERS,-basicAuthenticationFilter,-basicExceptionTranslationFilter'
]

grails.plugins.springsecurity.securityConfigType = 'InterceptUrlMap'
grails.plugins.springsecurity.interceptUrlMap = [
        '/api/**': ['IS_AUTHENTICATED_FULLY'],
        '/**': ['IS_AUTHENTICATED_FULLY']
]
4

0 回答 0