0

我想在我的web應用程序中使用LDAP用戶身份驗證與春季安全,但得到error 52e,下面是我的春天安全LDAP驗證碼:春季啓動LDAP身份驗證與LDAP錯誤代碼失敗49 - 80090308數據52E

protected void configure(AuthenticationManagerBuilder auth) throws Exception { 
    auth.ldapAuthentication() 
    .contextSource().url("ldap://192.168.1.5:389/DC=zonetest,DC=lk") 
    .managerDn("[email protected],DC=zonetest,DC=lk").managerPassword("[email protected]") 
    .and() 
    .userSearchBase("OU=SL Users") 
    .userSearchFilter("(CN={0})"); 
} 

我的LDAP結構在屏幕截圖供參考:

我在郵遞員客戶端收到此錯誤

{ 
    "timestamp": 1505368170503, 
    "status": 401, 
    "error": "Unauthorized", 
    "message": "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580\u0000]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580\u0000]", 
    "path": "/" 
} 

請幫助我。

+0

你確定你可以在OU名稱中使用空格? 「SL用戶」 –

+0

我試圖刪除ou名稱中的空格,並將其作爲「SLUsers」,但仍然是Ldap 52e錯誤。 –

+0

(http://www-01.ibm.com/support/docview.wss?uid=swg21290631)52e出現無效憑證,所以用戶可用,您是否確定使用正確的憑據?你是否對密碼進行了散列/加密? –

回答

0

沒有爲LDAP authentication.i另一種簡單的方法,用下面的代碼做LDAP認證。本工作對我來說就像一個魅力:

  package app.config;  
      import org.springframework.beans.factory.annotation.Value; 
      import org.springframework.context.annotation.Bean; 
      import org.springframework.context.annotation.Configuration; 
      import org.springframework.security.authentication.AuthenticationManager; 
      import org.springframework.security.authentication.AuthenticationProvider; 
      import org.springframework.security.authentication.ProviderManager; 
      import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 
      import org.springframework.security.config.annotation.web.builders.HttpSecurity; 
      import org.springframework.security.config.annotation.web.builders.WebSecurity; 
      import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 
      import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 
      import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider; 
      import java.util.Arrays; 

      @Configuration 
      @EnableWebSecurity 
      public class WebSecurityConfigAD extends WebSecurityConfigurerAdapter { 

      @Value("${ad.domain}") 
      private String AD_DOMAIN; 

      @Value("${ad.url}") 
      private String AD_URL; 

      @Override 
      protected void configure(HttpSecurity http) throws Exception { 
       http.authorizeRequests().anyRequest().authenticated().and().httpBasic(); 
      } 

      @Override 
      protected void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception { 
       authManagerBuilder.authenticationProvider(activeDirectoryLdapAuthenticationProvider()).userDetailsService(userDetailsService()); 
      } 

      @Bean 
      public AuthenticationManager authenticationManager() { 
       return new ProviderManager(Arrays.asList(activeDirectoryLdapAuthenticationProvider())); 
      } 
      @Bean 
      public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() { 
       ActiveDirectoryLdapAuthenticationProvider provider = new ActiveDirectoryLdapAuthenticationProvider(AD_DOMAIN, AD_URL); 
       provider.setConvertSubErrorCodesToExceptions(true); 
       provider.setUseAuthenticationRequestCredentials(true); 

       return provider; 
      } 
      }