2015-09-15 70 views
0

This is my first time with Spring and LDAP, so I am having several difficulties building a website login. I have read a lot of examples, guides and documentation, but now I am confused by the several kinds of implementation. On my first login page the user enters their username and password, and I check the database to see whether the username and password are correct. If they are not, I have to use LDAP to authenticate the user and add the data to the database. I am looking for the best way to do this; in my project I am using Spring REST web services and a database, so I would like to use Spring for the login as well, even with LDAP. I have found several documents, but they all handle it differently, some with XML files and some with classes and annotations, which I prefer. I have never used Spring, LDAP or a login mechanism before; is there an example like this? What do I have to do? This is my project structure: login with Spring Security through MySQL-LDAP-Thymeleaf

[image: project structure, not included]

Any ideas? Thanks

Until now I have been building this as a project from scratch; then, if it works, I will put it into my real project:


applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
     xsi:schemaLocation="http://www.springframework.org/schema/beans 
          http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> 
    <!-- Security (authentication and authorization) configuration --> 
    <import resource="applicationContext-security.xml" /> 
</beans> 

applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns="http://www.springframework.org/schema/security" 
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
      xmlns:beans="http://www.springframework.org/schema/beans" 
      xsi:schemaLocation="http://www.springframework.org/schema/beans 
           http://www.springframework.org/schema/beans/spring-beans-3.2.xsd 
           http://www.springframework.org/schema/security 
           http://www.springframework.org/schema/security/spring-security-3.2.xsd"> 

    <!-- Authentication using a memory user list --> 
     <beans:bean id='customUserDetailsService' class='com.service.CustomUserDetailsService'> 
     </beans:bean> 
    <authentication-manager alias="authenticationManager"> 
     <authentication-provider user-service-ref="customUserDetailsService"> 
      <password-encoder hash="md5"/> 
     </authentication-provider> 
    </authentication-manager> 
    <http auto-config="true" use-expressions="true"> 
     <!-- Login pages --> 
     <!-- <form-login login-page="/user-login.html" default-target-url="/success-login.html" authentication-failure-url="/error-login.html"> 
     <logout logout-success-url="/index.html"> 

     </logout></form-login></intercept-url></intercept-url></http> --> 

     <form-login login-page="/login.html" authentication-failure-url="/login-error.html" /> 
     <logout /> 
     <!-- Security zones --> 
     <intercept-url pattern="/admin/**" access="hasRole('ROLE_ADMIN')" /> 
     <intercept-url pattern="/user/**" access="hasRole('ROLE_USER')" /> 
     <intercept-url pattern="/shared/**" access="hasAnyRole('ROLE_USER','ROLE_ADMIN')" /> 
    </http> 

</beans:beans> 

springServlet

<?xml version="1.0" encoding="UTF-8"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
     xmlns:mvc="http://www.springframework.org/schema/mvc" 
     xmlns:context="http://www.springframework.org/schema/context" 
     xsi:schemaLocation="http://www.springframework.org/schema/mvc 
          http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd 
          http://www.springframework.org/schema/beans 
          http://www.springframework.org/schema/beans/spring-beans-3.1.xsd 
          http://www.springframework.org/schema/context 
          http://www.springframework.org/schema/context/spring-context-3.1.xsd"> 


    <!-- Use spring servlet for all requests, including static resources --> 
    <mvc:default-servlet-handler/> 


    <!-- Use @MVC annotations --> 
    <mvc:annotation-driven /> 


    <!-- User @Controller, @Service... annotations --> 
    <context:component-scan base-package="com" /> 


    <!-- Thymeleaf template engine --> 
    <bean id="templateResolver" class="org.thymeleaf.templateresolver.ServletContextTemplateResolver"> 
     <property name="prefix" value="/WEB-INF/templates/" /> 
     <property name="templateMode" value="HTML5" /> 
     <property name="characterEncoding" value="UTF-8" /> 
     <!-- Template cache is true by default. Set to false if you want --> 
     <!-- templates to be automatically updated when modified.  --> 
     <property name="cacheable" value="true" /> 
    </bean> 

    <bean id="templateEngine" class="org.thymeleaf.spring4.SpringTemplateEngine"> 
     <property name="templateResolver" ref="templateResolver" /> 
     <property name="additionalDialects"> 
      <set> 
       <bean class="org.thymeleaf.extras.springsecurity3.dialect.SpringSecurityDialect" /> 
      </set> 
     </property> 
    </bean> 

    <bean id="viewResolver" class="org.thymeleaf.spring4.view.ThymeleafViewResolver"> 
     <property name="templateEngine" ref="templateEngine" /> 
     <property name="characterEncoding" value="UTF-8" /> 
    </bean> 

</beans> 

web.xml

<?xml version="1.0" encoding="UTF-8"?> 
<web-app id="stsm" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> 

    <!-- Spring --> 
    <listener> 
     <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
    </listener> 
    <!-- Spring MVC front controller --> 
    <servlet> 
     <servlet-name>spring</servlet-name> 
     <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
     <load-on-startup>1</load-on-startup> 
    </servlet> 
    <servlet-mapping> 
     <servlet-name>spring</servlet-name> 
     <url-pattern>/</url-pattern> 
    </servlet-mapping> 
    <!-- Spring security --> 
    <filter> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
    </filter> 
    <filter-mapping> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <url-pattern>/*</url-pattern> 
    </filter-mapping> 
    <!-- Error pages --> 
    <error-page> 
     <exception-type>java.lang.Throwable</exception-type> 
     <location>/error.html</location> 
    </error-page> 
    <error-page> 
     <error-code>400</error-code> 
     <location>/error.html</location> 
    </error-page> 
    <error-page> 
     <error-code>401</error-code> 
     <location>/error.html</location> 
    </error-page> 
    <error-page> 
     <error-code>403</error-code> 
     <location>/error.html</location> 
    </error-page> 
    <error-page> 
     <error-code>404</error-code> 
     <location>/error.html</location> 
    </error-page> 
    <error-page> 
     <error-code>500</error-code> 
     <location>/error.html</location> 
    </error-page> 
    <error-page> 
     <error-code>503</error-code> 
     <location>/error.html</location> 
    </error-page> 
</web-app> 

UserDao

package dao; 

import model.User; 

public interface UserDao { 
    public User getUser(String login); 
} 

UserDaoImpl

package dao; 

import java.util.ArrayList; 
import java.util.List; 

import org.hibernate.Query; 
import org.hibernate.Session; 
import org.hibernate.SessionFactory; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.stereotype.Repository; 

import model.User; 


@Repository 
public class UserDaoImpl implements UserDao { 

    @Autowired 
    private SessionFactory sessionFactory; 

    private Session openSession() { 
     return sessionFactory.getCurrentSession(); 
    } 

    public User getUser(String login) { 
     List<User> userList = new ArrayList<User>(); 
     Query query = openSession().createQuery("from User u where u.login = :login"); 
     query.setParameter("login", login); 
     userList = query.list(); 
     if (userList.size() > 0) 
      return userList.get(0); 
     else 
      return null;  
    } 

} 

HibernateConfiguration

package com.configuration;

import java.util.Properties;

import javax.sql.DataSource;

import org.hibernate.jpa.HibernatePersistenceProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.orm.hibernate4.LocalSessionFactoryBean;
import org.springframework.orm.jpa.JpaTransactionManager;
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
import org.springframework.transaction.annotation.EnableTransactionManagement;

@Configuration
@EnableTransactionManagement
@ComponentScan({ "com" })
@PropertySource(value = { "classpath:application.properties" })
public class HibernateConfiguration {

    private static final String PROPERTY_NAME_DATABASE_DRIVER = "db.driver";
    private static final String PROPERTY_NAME_DATABASE_PASSWORD = "db.password";
    private static final String PROPERTY_NAME_DATABASE_URL = "db.url";
    private static final String PROPERTY_NAME_DATABASE_USERNAME = "db.username";

    private static final String PROPERTY_NAME_HIBERNATE_DIALECT = "hibernate.dialect";
    private static final String PROPERTY_NAME_HIBERNATE_SHOW_SQL = "hibernate.show_sql";
    private static final String PROPERTY_NAME_ENTITYMANAGER_PACKAGES_TO_SCAN = "entitymanager.packages.to.scan";

    @Autowired
    private Environment env;

    @Bean
    public LocalContainerEntityManagerFactoryBean entityManagerFactory() {
        LocalContainerEntityManagerFactoryBean entityManagerFactoryBean = new LocalContainerEntityManagerFactoryBean();
        entityManagerFactoryBean.setDataSource(dataSource());
        entityManagerFactoryBean.setPersistenceProviderClass(HibernatePersistenceProvider.class);
        entityManagerFactoryBean.setPackagesToScan(env.getRequiredProperty(PROPERTY_NAME_ENTITYMANAGER_PACKAGES_TO_SCAN));

        entityManagerFactoryBean.setJpaProperties(hibProperties());

        return entityManagerFactoryBean;
    }

    @Bean
    public DataSource dataSource() {
        DriverManagerDataSource dataSource = new DriverManagerDataSource();

        dataSource.setDriverClassName(env.getRequiredProperty(PROPERTY_NAME_DATABASE_DRIVER));
        dataSource.setUrl(env.getRequiredProperty(PROPERTY_NAME_DATABASE_URL));
        dataSource.setUsername(env.getRequiredProperty(PROPERTY_NAME_DATABASE_USERNAME));
        dataSource.setPassword(env.getRequiredProperty(PROPERTY_NAME_DATABASE_PASSWORD));

        return dataSource;
    }

    private Properties hibProperties() {
        Properties properties = new Properties();
        properties.put(PROPERTY_NAME_HIBERNATE_DIALECT, env.getRequiredProperty(PROPERTY_NAME_HIBERNATE_DIALECT));
        properties.put(PROPERTY_NAME_HIBERNATE_SHOW_SQL, env.getRequiredProperty(PROPERTY_NAME_HIBERNATE_SHOW_SQL));
        return properties;
    }

    @Bean
    public JpaTransactionManager transactionManager() {
        JpaTransactionManager transactionManager = new JpaTransactionManager();
        transactionManager.setEntityManagerFactory(entityManagerFactory().getObject());
        return transactionManager;
    }

    @Bean
    public LocalSessionFactoryBean sessionFactory() {
        LocalSessionFactoryBean sessionFactory = new LocalSessionFactoryBean();
        sessionFactory.setDataSource(dataSource());
        // note: the entity used by UserDao is model.User, which is not under this package
        sessionFactory.setPackagesToScan(new String[] { "com.websystique.spring.model" });
        sessionFactory.setHibernateProperties(hibProperties());
        return sessionFactory;
    }

}

I have a problem with CustomUserDetailsService because in model.User domainUser = UserDao.getUser(login); UserDao is null. Is this right:

<!-- User @Controller, @Service... annotations --> 
    <context:component-scan base-package="com" /> 
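The flow the question describes (check the local database first, fall back to an LDAP bind, then add the LDAP user to the database) fits in one Spring Security AuthenticationProvider. The class below is an added example, not code from the question, from Spring or from Spring LDAP. It assumes the UserDao interface shown above plus an added saveUser(User) method, a model.User with getLogin()/getPassword()/getRole() and matching setters, a Spring LDAP LdapTemplate bean built from an LdapContextSource, an LDAP schema where the login is the uid attribute (Active Directory would use sAMAccountName, as in the answer below), and a PasswordEncoder bean such as BCryptPasswordEncoder in place of the unsalted MD5 configured in applicationContext-security.xml.

```java
package com.security; // assumed package, inside the "com" component-scan base used in the question

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.query.LdapQueryBuilder;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;

import dao.UserDao;
import model.User;

/**
 * Database first, LDAP second, with provisioning of LDAP users into the
 * database on their first successful login.
 *
 * Assumptions (not from the question): User has getLogin/getPassword/getRole
 * and their setters, and UserDao has a saveUser(User) method.
 */
@Component
public class DbThenLdapAuthenticationProvider implements AuthenticationProvider {

    private final UserDao userDao;            // the interface from the question
    private final LdapTemplate ldapTemplate;  // assumed bean built from an LdapContextSource
    private final PasswordEncoder encoder;    // assumed bean, e.g. BCryptPasswordEncoder

    // Constructor injection: the DAO is only non-null when Spring creates this bean.
    @Autowired
    public DbThenLdapAuthenticationProvider(UserDao userDao, LdapTemplate ldapTemplate,
                                            PasswordEncoder encoder) {
        this.userDao = userDao;
        this.ldapTemplate = ldapTemplate;
        this.encoder = encoder;
    }

    @Override
    @Transactional
    public Authentication authenticate(Authentication request) throws AuthenticationException {
        String login = request.getName();
        String rawPassword = request.getCredentials() == null ? "" : request.getCredentials().toString();

        // 1. Local database: accept only if the stored hash matches the submitted password.
        User user = userDao.getUser(login);
        if (user != null && user.getPassword() != null
                && encoder.matches(rawPassword, user.getPassword())) {
            return authenticated(user);
        }

        // 2. Directory: bind as the user. LdapQueryBuilder escapes the login value,
        //    so a crafted username cannot change the shape of the search filter.
        boolean ldapOk = ldapTemplate.authenticate(
                LdapQueryBuilder.query().where("uid").is(login), rawPassword);
        if (!ldapOk) {
            // One message for "unknown user" and "wrong password": do not reveal which accounts exist.
            throw new BadCredentialsException("Bad credentials");
        }

        // 3. Provision (or refresh) the local record. Refreshing an existing user's hash
        //    matters: otherwise a password changed in LDAP would keep working locally.
        if (user == null) {
            user = new User();
            user.setLogin(login);
            user.setRole("ROLE_USER");
        }
        user.setPassword(encoder.encode(rawPassword)); // store a salted hash, never the clear text
        userDao.saveUser(user);                         // assumed addition to UserDao
        return authenticated(user);
    }

    private Authentication authenticated(User user) {
        // Credentials are passed as null so the password does not live on in the SecurityContext.
        return new UsernamePasswordAuthenticationToken(
                user.getLogin(), null, AuthorityUtils.createAuthorityList(user.getRole()));
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }
}
```

To use it with the XML above, replace the user-service-ref provider in applicationContext-security.xml with `<authentication-provider ref="dbThenLdapAuthenticationProvider"/>` and declare the LdapTemplate and PasswordEncoder beans. Two points to check in the question's setup: UserDaoImpl is declared in package `dao`, which `base-package="com"` (and `@ComponentScan({ "com" })`) does not cover, so Spring never creates that bean and any injected UserDao stays null; and the DAO must be injected into a Spring-managed bean rather than called on the interface name. If provisioning were not required, Spring Security's own ProviderManager already tries providers in order, so a DaoAuthenticationProvider followed by an LdapAuthenticationProvider would give the same database-then-LDAP order without custom code.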

Answer

0

Using Spring Boot, the following class is enough to provide Spring Security based LDAP authentication:

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;

@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // every request needs a fully authenticated user; credentials arrive via HTTP Basic
        http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic();
    }

    @Configuration
    protected static class AuthenticationConfig extends GlobalAuthenticationConfigurerAdapter {

        @Bean
        public LdapContextSource contextSource() {
            LdapContextSource ctx = new LdapContextSource();
            try {
                ctx.setUrl("aaa");       // ldap(s)://host:port of the directory
                ctx.setBase("bbb");      // base DN that searches start from
                ctx.setUserDn("ccc");    // DN of the service account used for the search
                ctx.setPassword("ddd");  // its password
                ctx.setReferral("follow");
                ctx.afterPropertiesSet();
            } catch (Exception ex) {
                ex.printStackTrace();
            }
            return ctx;
        }

        @Override
        public void init(AuthenticationManagerBuilder auth) throws Exception {
            // {0} is replaced with the submitted username when the user entry is searched
            auth.ldapAuthentication().contextSource(contextSource()).userSearchFilter("sAMAccountName={0}");
        }
    }
}
+0

I posted my code above, without LDAP – luca

+0

@ https://github.com/spring-projects/spring-security/blob/master/core/src/main/java/org/springframework/security/authentication/dao/DaoAuthenticationProvider.java is the spring-security source code; below is the part where it verifies the password with the default salt: - if (!passwordEncoder.isPasswordValid(userDetails.getPassword(), presentedPassword, salt)) { logger.debug("Authentication failed: password does not match stored value"); ................... } – Avis

+0

I want to test my code before changing it, but I have the problem with CustomUserDetailsService because in model.User domainUser = UserDao.getUser(login); UserDao is null. This code is derived from an example web page, but the line <beans:bean id="customUserDetailsService" class="service.CustomUserDetailsService"> in applicationContext-security was added by me – luca