2014-10-30 36 views
2

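Spring Security Java config with multiple group search bases

I am using Spring Security 3.2.5 with Java config and LDAP authentication/authorization.

We have a requirement to search for groups in two separate trees in LDAP.

ou=groups

ou=Groups,ou=webapps,ou=Applications

I have searched and have been unable to find any information on this topic.

This is my current code, which is working fine: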

@Autowired
public void configureGlobal(UserDetailsContextMapper userDetailsContextMapper, LdapContextSource contextSource, AuthenticationManagerBuilder builder) throws Exception {

    builder
        .ldapAuthentication()
            .userDetailsContextMapper(userDetailsContextMapper)
            .contextSource(contextSource)
            .userSearchFilter("cn={0}")
            .userSearchBase("ou=Users")
            .groupSearchBase("ou=groups");

}

I would like to do something like this:

builder
    .ldapAuthentication()
        .userDetailsContextMapper(userDetailsContextMapper)
        .contextSource(contextSource)
        .userSearchFilter("cn={0}")
        .userSearchBase("ou=Users")
        .groupSearchBase("ou=groups")
        .groupSearchBase("ou=Groups,ou=webapps,ou=Applications");

This, understandably, does not work.

Does anyone have any pointers on where to start?

+0

Did you find a solution to your problem? I am looking for exactly the same thing. Thanks. – 2016-05-13 17:28:37

Answers

0

My solution was to create an implementation of org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator that can call multiple instances of LdapAuthoritiesPopulator, and then create an LdapAuthoritiesPopulator for each "groupSearchBase" I want to query.

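import static java.util.Arrays.asList;

import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;

// Goes in the security configuration class.
@Autowired
public void configureGlobal(UserDetailsContextMapper userDetailsContextMapper, LdapContextSource contextSource, AuthenticationManagerBuilder builder) throws Exception {

    // One populator per group search base, wrapped in a single composite.
    MultipleLdapAuthoritiesPopulator multipleLdapAuthoritiesPopulator = new MultipleLdapAuthoritiesPopulator(
        new DefaultLdapAuthoritiesPopulator(contextSource, "ou=Groups,ou=webapps,ou=Applications"),
        new DefaultLdapAuthoritiesPopulator(contextSource, "ou=groups"));

    builder
        .ldapAuthentication()
            .ldapAuthoritiesPopulator(multipleLdapAuthoritiesPopulator)
            .userDetailsContextMapper(userDetailsContextMapper)
            .contextSource(contextSource)
            .userSearchFilter("cn={0}")
            .userSearchBase("ou=Users");
}

class MultipleLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator {
    private List<LdapAuthoritiesPopulator> authoritiesPopulators;

    public MultipleLdapAuthoritiesPopulator(LdapAuthoritiesPopulator... authoritiesPopulators) {
        this.authoritiesPopulators = asList(authoritiesPopulators);
    }

    // Asks every delegate for the user's authorities and concatenates the results.
    @Override
    public Collection<? extends GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username) {
        List<GrantedAuthority> grantedAuthorities = authoritiesPopulators.stream()
            .map(authPopulator -> authPopulator.getGrantedAuthorities(userData, username))
            .flatMap(Collection::stream)
            .collect(Collectors.toList());

        return grantedAuthorities;
    }
}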
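Added example, not part of the answer above and not Spring Security's own code: DefaultLdapAuthoritiesPopulator builds each authority from the group's cn, upper-cased and prefixed with "ROLE_", so a group with the same cn in both trees becomes one indistinguishable role once the results are merged. This variant gives each search base its own prefix and de-duplicates the merged set; the class name and the two prefixes are hypothetical, the base DNs are the ones from the question.

```java
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.Set;

import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

// Hypothetical class name; merges groups from two bases while keeping their origin visible.
public class PrefixedGroupBasesPopulator implements LdapAuthoritiesPopulator {

    private final LdapAuthoritiesPopulator[] delegates;

    public PrefixedGroupBasesPopulator(ContextSource contextSource) {
        this.delegates = new LdapAuthoritiesPopulator[] {
            // Prefixes are assumptions chosen for this example.
            forBase(contextSource, "ou=groups", "ROLE_DIR_"),
            forBase(contextSource, "ou=Groups,ou=webapps,ou=Applications", "ROLE_WEBAPP_")
        };
    }

    private static LdapAuthoritiesPopulator forBase(ContextSource cs, String base, String prefix) {
        DefaultLdapAuthoritiesPopulator populator = new DefaultLdapAuthoritiesPopulator(cs, base);
        // Without this, every base would emit authorities with the default "ROLE_" prefix.
        populator.setRolePrefix(prefix);
        return populator;
    }

    @Override
    public Collection<? extends GrantedAuthority> getGrantedAuthorities(
            DirContextOperations userData, String username) {
        // A set drops exact duplicates; insertion order keeps the result stable.
        Set<GrantedAuthority> merged = new LinkedHashSet<GrantedAuthority>();
        for (LdapAuthoritiesPopulator delegate : delegates) {
            merged.addAll(delegate.getGrantedAuthorities(userData, username));
        }
        return merged;
    }
}
```

An instance is passed to `.ldapAuthoritiesPopulator(...)` in the same place as the composite in the answer, and access rules then reference the prefixed role names.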