问题描述
我正在尝试在Sprint Boot应用程序中实现LDAP身份验证.在测试环境中,我已经安装了用于身份验证的Active Directory LDP服务.我已经在AD实例中创建了一个用户,启用了该帐户并设置了密码.然后,我尝试通过Spring登录表单使用此帐户进行身份验证.
I am trying to implement LDAP authentication in a Sprint Boot application. In the test environment I have installed an Active Directory LDP service with which to authenticate. I have created a user within the AD instance, enabled the account and set a password. I am then trying to authenticate using this account from the Spring login form.
当我尝试使用AD登录时,收到错误消息:
When I try to log in using AD I get an error message:
原因:凭据不正确
由于我是AD和Spring的新手,所以我很可能配置错误(或者两者都不正确!).
As I am new to both AD and Spring it is quite possible I have mis-configured either (or both!).
您对我如何进一步诊断此问题有任何建议,或者我可能错过了明显的事情吗?
我的Spring Boot代码(我对此代码尝试了许多不同的变体,这是一个示例):
My Spring Boot code (I have tried a number of different variations on this code, this is one example):
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().fullyAuthenticated()
.and()
.formLogin();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider());
}
@Bean
public AuthenticationManager authenticationManager() {
return new ProviderManager(Arrays.asList(activeDirectoryLdapAuthenticationProvider()));
}
@Bean
public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
ActiveDirectoryLdapAuthenticationProvider provider =
new ActiveDirectoryLdapAuthenticationProvider("foo.bar", "ldap://servername:389");
provider.setConvertSubErrorCodesToExceptions(true);
provider.setUseAuthenticationRequestCredentials(true);
return provider;
}
}
推荐答案
事实证明,我的Java实现没有错.问题似乎与AD LDP配置有关.我尝试连接到另一个已知的AD LDP良好实例,并且身份验证第一次起作用.
It turns out that there was nothing wrong with my Java implementation. The issue appears to be with the AD LDP configuration. I tried connecting to another, known good instance of AD LDP and authentication worked first time.
我将把它标记为答案,因为我不再对此问题的解决方案感兴趣,希望将其结束...
I am going to mark this as the answer as I am no longer interested in a solution to this question and wish to close it down...
这篇关于使用Spring Boot应用程序中的AD LDP进行LDAP身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!