我有一个使用LDAP身份验证的Java EE Web应用程序.我使用Spring安全性使用以下代码连接到我的LDAP:
<bean id="ldapContextSource" class="com.myapp.security.authentication.MySecurityContextSource">
<constructor-arg index="0" value="${ldap.url}" />
<constructor-arg index="1" ref="userConnexion" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>
<bean id="userConnexion" class="com.myapp.util.security.WebsphereCredentials">
<constructor-arg value="${ldap.authJndiAlias}" />
</bean>
<bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg>
<bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="ldapContextSource" />
<property name="userSearch" ref="userSearch" />
</bean>
</constructor-arg>
<constructor-arg>
<bean class="com.myapp.security.authentication.MyAuthoritiesPopulator" >
<property name="userService" ref="userService" />
</bean>
</constructor-arg>
<property name="userDetailsContextMapper" ref="myUserDetailsContextMapper"/>
<property name="hideUserNotFoundExceptions" value="false" />
</bean>
实际上,我的bean 在此响应中WebsphereCredentials使用WebSphere私有类WSMappingCallbackHandlerFactory:如何从部署到Websphere 6.1的EJB访问身份验证别名
我们可以在官方websphere文档中看到它:http://pic.dhe.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic =% 2Fcom.ibm.websphere.express.doc%2Finfo%2Fexp% 2Fae %2Frsec_pluginj2c.html
但我不想要它,因为: