
LDAP: empty bind DN "", authentication type changed from none to simple

Stack Overflow user
Asked 2019-06-12 17:30:01
Answers: 1, Views: 426, Followers: 0, Votes: 0

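I am developing an application with Spring MVC & JPA and Spring Security. I am now integrating OUD (Oracle Unified Directory) through LDAP. At user authentication, the response from LDAP in the OUD log file is

CONNECT conn=909681 from * to *:1636 protocol=LDAPS

Bind REQ conn=909681 op=0 msgID=1 type=SIMPLE dn="" version=3

Bind RES conn=909681 op=0 msgID=1 result=1 message="The directory server could not find a network group for the bind dn "", because the client connection does not match the connection criteria of any network group."

DISCONNECT conn=909681 reason="Client Disconnect"

Mapping between the application and LDAP in the security.xml file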

<bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <constructor-arg value="ldaps://192.168.0.182:1636/o=company"/>
    <property name="userDn" value="cn=userid,ou=groups,o=company"/>
    <property name="password" value="password"/>
</bean>

<bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider" >
     <constructor-arg>
          <bean class="in.web.service.impl.CustomLdapBindAuthenticator">
               <constructor-arg ref="contextSource"/>
               <property name="userDnPatterns">
                   <list>
                       <value>cn={0},ou=groups</value>
                   </list>
               </property>
           </bean>
     </constructor-arg>
     <constructor-arg>
           <bean class="in.web.service.impl.CustomLdapUserAuthoritiesPopulator">
           </bean>
     </constructor-arg>     
 </bean>

Code in CustomLdapBindAuthenticator

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.*;

// Method of CustomLdapBindAuthenticator
public LdapUserDetails search(String cn) throws Exception {
        Hashtable<String, Object> env = new Hashtable<>();
        String sp = "com.sun.jndi.ldap.LdapCtxFactory";
        env.put(Context.INITIAL_CONTEXT_FACTORY, sp);

        String[] urls = contextSource.getUrls();
        for (String url : urls) {
            System.out.println("ldapurls=" + url);
        }
        env.put(Context.PROVIDER_URL, urls[0]);

        // Only the factory and the URL are set in env; no security properties are added.
        DirContext dctx = new InitialDirContext(env);
        LdapUserDetails user = new LdapUserDetails();
        try {
            String base = "ou=groups,o=company";
            System.out.println("BASE DN=" + base);

            SearchControls sc = new SearchControls();
            String[] attributeFilter = {"cn", "fullName", "mail", "l", "mobile"};
            sc.setReturningAttributes(attributeFilter);
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);

            // cn is passed as a filter argument so JNDI escapes it,
            // instead of being concatenated into the filter string.
            String filter = "(&(cn={0})(objectClass=*))";

            NamingEnumeration<SearchResult> results =
                    dctx.search(base, filter, new Object[] {cn}, sc);
            while (results.hasMore()) {
                SearchResult sr = results.next();
                Attributes attrs = sr.getAttributes();

                user.setCn(getAttribute(attrs, "cn"));
                user.setFullName(getAttribute(attrs, "fullName"));
                user.setMail(getAttribute(attrs, "mail"));
                user.setMobile(getAttribute(attrs, "mobile"));
                user.setLocation(getAttribute(attrs, "l"));
            }
        } finally {
            // Close the context even when the search throws.
            dctx.close();
        }
        return user;
}

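Please help me solve the problem.

  1. I have not mentioned simple authentication. From where am I getting type=simple in the log file?
  2. Why am I getting dn=""?

Thanks in advance.

Original page content provided by Stack Overflow. Translation support provided by the Tencent Cloud Xiaowei IT-domain engine.
Original link: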

https://stackoverflow.com/questions/56563468
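
Added example, not part of the original question: a small Java check that predicts which bind a JNDI environment produces, run against an environment built the way `search()` builds it and against one carrying the `userDn`/`password` values of the `contextSource` bean. The class `BindKindDemo` and its helpers `bindKind` and `requireBound` are hypothetical names; the defaulting rules in the comments are the documented behaviour of the JNDI LDAP provider, and no connection is opened.

```java
import java.util.Hashtable;
import javax.naming.Context;

public class BindKindDemo {
    enum Kind { ANONYMOUS, SIMPLE, SASL }

    // Predicts the bind the JNDI LDAP provider derives from env (hypothetical helper).
    static Kind bindKind(Hashtable<String, Object> env) {
        Object mech = env.get(Context.SECURITY_AUTHENTICATION);
        Object dn = env.get(Context.SECURITY_PRINCIPAL);
        Object pw = env.get(Context.SECURITY_CREDENTIALS);
        // JNDI default: "none" when no security property is set, "simple" once one is supplied.
        String m = mech != null ? mech.toString() : (dn != null || pw != null) ? "simple" : "none";
        if (m.equalsIgnoreCase("none")) return Kind.ANONYMOUS;
        if (!m.equalsIgnoreCase("simple")) return Kind.SASL;
        boolean emptyPw = pw == null
                || (pw instanceof String && ((String) pw).isEmpty())
                || (pw instanceof char[] && ((char[]) pw).length == 0)
                || (pw instanceof byte[] && ((byte[]) pw).length == 0);
        // "simple" with an empty password is treated as "none" by the provider.
        return emptyPw ? Kind.ANONYMOUS : Kind.SIMPLE;
    }

    // Fails closed before a context is opened with an environment that would not bind as a named user.
    static void requireBound(Hashtable<String, Object> env) {
        Object dn = env.get(Context.SECURITY_PRINCIPAL);
        if (bindKind(env) == Kind.ANONYMOUS || !(dn instanceof String) || ((String) dn).isEmpty()) {
            throw new IllegalStateException("environment would bind with dn=\"\"");
        }
    }

    public static void main(String[] args) {
        // Constructed from the question: search() sets only the factory and the URL.
        Hashtable<String, Object> asPosted = new Hashtable<>();
        asPosted.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        asPosted.put(Context.PROVIDER_URL, "ldaps://192.168.0.182:1636/o=company");
        // An anonymous bind is sent as a simple BindRequest with empty name and password
        // (RFC 4513 section 5.1.1), which the server logs as type=SIMPLE dn="".
        System.out.println("as posted: " + bindKind(asPosted));

        // Same environment plus the userDn/password values of the contextSource bean.
        Hashtable<String, Object> bound = new Hashtable<>(asPosted);
        bound.put(Context.SECURITY_AUTHENTICATION, "simple");
        bound.put(Context.SECURITY_PRINCIPAL, "cn=userid,ou=groups,o=company");
        bound.put(Context.SECURITY_CREDENTIALS, "password");
        requireBound(bound);
        System.out.println("with credentials: " + bindKind(bound));
    }
}
```

Calling `requireBound(env)` immediately before `new InitialDirContext(env)` turns a silent anonymous bind into an explicit error on the application side.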
