如何将Spring安全性从ldap更改为ldap starttls.
我正在使用Spring Security和LDAP在Springs中编写一个项目.我一切正常,然后管理员用starttls将其更改为ldap.有人可以告诉我如何更新我的xml文件以使我的项目再次工作.
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jdbc="http://www.springframework.org/schema/jdbc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/jdbc
http://www.springframework.org/schema/jdbc/spring-jdbc-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd"
xmlns="http://www.springframework.org/schema/security" >
<http
auto-config="true"
use-expressions="true" >
<intercept-url
access="hasRole('ROLE_MEMBER_INQUIRY')"
pattern="/requests/**" />
</http>
<authentication-manager >
<ldap-authentication-provider
user-search-base="ou=webusers"
user-search-filter="(uid={0})" >
<password-compare >
<password-encoder ref="passwordEncoder" >
</password-encoder>
</password-compare>
</ldap-authentication-provider>
</authentication-manager>
<beans:bean
id="passwordEncoder"
class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" >
</beans:bean>
<beans:bean
id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource" >
<beans:constructor-arg value="ldap://10.52.208.228:389/dc=xxxxx,dc=dev" />
<beans:property
name="userDn"
value="cn=Manager,dc=xxxxx,dc=dev" />
<beans:property
name="password"
value="secret" />
</beans:bean>
<beans:bean
id="ldapAuthProvider"
class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider" >
<beans:constructor-arg >
<beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator" >
<beans:constructor-arg ref="contextSource" />
<beans:property name="userDnPatterns" >
<beans:list >
<beans:value >
uid={0},ou=webusers
</beans:value>
</beans:list>
</beans:property>
</beans:bean>
</beans:constructor-arg>
<beans:constructor-arg >
<beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator" >
<beans:constructor-arg ref="contextSource" />
<beans:constructor-arg value="ou=groups" />
<beans:property
name="groupRoleAttribute"
value="ou" />
</beans:bean>
</beans:constructor-arg>
</beans:bean>
<ldap-server url="ldap://10.52.208.228:389/dc=xxxxx,dc=dev" />
<beans:bean
id="propertyConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" >
<beans:property
name="location"
value="classpath:jdbc.properties" />
</beans:bean>
<beans:bean
id="dataSource"
class="org.apache.commons.dbcp.BasicDataSource" >
<beans:property
name="driverClassName"
value="${database.driver}" />
<beans:property
name="url"
value="${database.url}" />
<beans:property
name="username"
value="${database.user}" />
<beans:property
name="password"
value="${database.password}" />
<beans:property
name="initialSize"
value="5" />
<beans:property
name="maxActive"
value="10" />
</beans:bean>
</beans:beans>
解决方法:
您需要在配置中向ContextSource提供DirContextAuthenticationStrategy实现.
看到:
http://static.springsource.org/spring-ldap/site/reference/html/configuration.html