我正在嘗試使用spring-security與我設置的本地ADAM實例進行交談。使用LDAP針對使用彈簧安全性的ADAM進行身份驗證
我已經成功安裝了ADAM和設置如下....
- 實例在本地主機上運行:389
- 根是
O=Company
- 稱爲
OU=Company Users
(orgnizationalUnit)孩子- 稱爲
CN=Mike Q
的花生(用戶) uid = mike
和password = welcome
- 稱爲
- 稱爲
然後我有安裝彈簧安全(版本3.0.3,彈簧框架3.0.4和彈簧LDAP 1.3.0)。春天文件
<security:ldap-server id="contextSource" url="ldap://localhost:389/o=Company"/>
<security:authentication-manager>
<security:ldap-authentication-provider user-dn-pattern="uid={0},ou=Company Users"/>
</security:authentication-manager>
<bean class="com.xxx.test.TestAuthentication" lazy-init="false"/>
而且TestAuthentication
public class TestAuthentication
{
@Autowired
private AuthenticationManager authenticationManager;
public void initialise()
{
Authentication authentication = new UsernamePasswordAuthenticationToken("mike", "welcome");
Authentication reponseAuthentication = authenticationManager.authenticate(authentication);
}
}
運行此我得到以下錯誤
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C090336, comment: AcceptSecurityContext error, data 2030, vece]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
at org.springframework.ldap.core.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:43)
at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:254)
如果有人能指出我要去哪裏錯了,我會很感激。在這一點上,我只想使用LDAP來驗證輸入的用戶/密碼,沒有比這更復雜的了。
我也對一些一般觀點感興趣,因爲這是我第一次進入LDAP世界。
- LDAP是否區分大小寫?
- 是否最好避免空格?
- 什麼是避免在LDAP查詢中以明文形式發送密碼的一般用例/最佳實踐?