我在Spring MVC項目中使用LDAP進行身份驗證的Spring Security 3。 它工作正常,直到我需要將我的項目部署到其他環境並將JDK的版本從1.6更改爲1.7。Spring Security 3不能與JDK 1.7一起工作
下面是我春天的安全配置文件和代碼示例:成功登錄後
1)安全應用程序的context.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans
xmlns:s="http://www.springframework.org/schema/security"
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<s:http use-expressions="true">
<s:intercept-url pattern="/auth/**" access="permitAll" />
<s:intercept-url pattern="/css/**" access="permitAll" />
<s:intercept-url pattern="/image/**" access="permitAll" />
<s:intercept-url pattern="/scripts/**" access="permitAll" />
<s:intercept-url pattern="/**" access="hasRole('GENERAL_USER')" />
<s:form-login login-page="/auth/login.html"
default-target-url="/welcome.html"
authentication-failure-url="/auth/login.html?error=1" />
<s:access-denied-handler error-page="/auth/denied.html"/>
<s:logout invalidate-session="true" logout-success-url="/auth/logoutSuccess.html"/>
</s:http>
<s:authentication-manager>
<s:authentication-provider ref="ldapAuthProvider" />
</s:authentication-manager>
<bean
id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"
scope="singleton">
<constructor-arg
value="ldap://ldapurl:389/dc=o,dc=a" />
<property name="userDn" value="cn=xxx,cn=users,dc=o,dc=a" />
<property name="password" value="password" />
<property name="baseEnvironmentProperties">
<map>
<entry key="java.naming.referral">
<value>follow</value>
</entry>
</map>
</property>
</bean>
<bean id="userSearch"
class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<!-- searchBase, searchFilter, contextSource -->
<constructor-arg index="0" value="" />
<constructor-arg index="1" value="(sAMAccountName={0})" />
<constructor-arg index="2" ref="contextSource" />
</bean>
<bean id="ldapAuthProvider"
class="com.foo.auth.MyLdapAuthenticationProvider">
<constructor-arg>
<bean
class="com.foo.auth.MyLdapAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userSearch">
<ref bean="userSearch" />
</property>
</bean>
</constructor-arg>
<property name="authoritiesPopulator" ref="authoritiesPopulator" />
<property name="userDetailsContextMapper" ref="userDetailsMapper" />
</bean>
<bean id="authoritiesPopulator" class="com.foo.auth.MyLdapAuthoritiesPopulator">
<constructor-arg ref="userService" />
</bean>
<bean id="userService" class="com.foo.auth.MyLdapUserDetailsService">
<constructor-arg ref="userSearch" />
<property name="userDetailsMapper" ref="userDetailsMapper" />
</bean>
<bean id="userDetailsMapper" class="com.foo.auth.MyUserDetailsContextMapper">
</bean>
</beans>
2)將重定向的URL的welcome.jsp,在welcome.jsp,我使用spring security taglib獲取登錄用戶的全名。 (用於測試,我使用的主要顯示整個上下文信息):
<security:authentication property="principal"></security:authentication>
時使用JDK 1.6,主要節目:
[email protected]:.........
,我可以用我的自定義UserDetail的屬性,例如像principal.fullName。 時使用JDK 1.7,主要節目:
它沒有得到我的自定義UserDetail對象。所以如果我使用JDKk1.7,我無法正確地獲取Spring上下文。
這個問題花了我將近1周發現,根本原因是JDK版本的問題;-(
有誰知道爲什麼用LDAP Spring Security沒有在JDK1.7工作?還是我想念的東西配置?
預先感謝您!