那些遇到过的问题

相关疑难解决方法(0)

Spring安全性切换到Ldap身份验证和数据库权限

我为我的网页和Web服务实现了数据库身份验证.它适用于两者,现在我必须添加Ldap身份验证.我必须通过远程Ldap服务器进行身份验证(使用用户名和密码),如果用户存在,我必须使用我的数据库作为用户角色(在我的数据库用户名中是与Ldap相同的用户名).所以我必须从我的实际代码切换到Ldap和数据库身份验证,如上所述.我的代码是:SecurityConfig类

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, proxyTargetClass = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    @Qualifier("userDetailsService")
    UserDetailsService userDetailsService;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    @Bean
    public PasswordEncoder passwordEncoder(){
        PasswordEncoder encoder = new BCryptPasswordEncoder();
        return encoder;
    }

    @Configuration
    @Order(1)
    public static class ApiWebSecurityConfig extends WebSecurityConfigurerAdapter{
        @Override
        protected void configure(HttpSecurity http) throws Exception {
             http.csrf().disable()
             .antMatcher("/client/**")
             .authorizeRequests()
             .anyRequest().authenticated()
             .and()
             .httpBasic();
        }
    }

    @Configuration
    @Order(2)
    public static class FormWebSecurityConfig extends WebSecurityConfigurerAdapter{

        @Override
        public void configure(WebSecurity …
Run Code Online (Sandbox Code Playgroud)

java mysql authentication spring ldap

luc*_*uca
2016 01-09
18
推荐指数
1
解决办法
2万
查看次数

Spring 5 LDAP 身份验证和 JWT 令牌作为响应

您好,我一直在尝试配置 spring,使其在用户/密码通过 LDAP 服务器身份验证时返回 JWT 令牌;考虑下面的用例;

在此处输入图片说明

在上图中,我已将 WebSecurity 配置为使用 Bearer 检查/过滤请求。见下面的代码

网络安全配置文件

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private JwtAuthenticationEntryPoint unauthorizedHandler;

    @Autowired
    JwtAuthorizationTokenFilter authenticationTokenFilter;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Configure Web Security
        // Allow only /auth/
        // Disallow all others
        http
        .csrf().disable()
        .exceptionHandling().authenticationEntryPoint(unauthorizedHandler)
        .and()
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        .authorizeRequests()
        .antMatchers(HttpMethod.POST,
                     "/auth/**")
        .permitAll()
        .anyRequest().authenticated();      

        //Custom JWT 
        http.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);

        // disable page caching
        http.headers().cacheControl();

    }
}
Run Code Online (Sandbox Code Playgroud)

验证控件.java

@RestController
@RequestMapping("auth")
public class AuthCtrl {

    private static final Logger …
Run Code Online (Sandbox Code Playgroud)

java spring spring-security spring-ldap jwt

lem*_*des
2018 09-02
6
推荐指数
1
解决办法
1万
查看次数

标签 统计

java ×2

spring ×2

authentication ×1

jwt ×1

ldap ×1

mysql ×1

spring-ldap ×1

spring-security ×1