2014-10-30 115 views
2

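Spring Security Java configuration: multiple group search bases

I am using Spring Security 3.2.5 with Java configuration and LDAP authentication/authorization.

We have a requirement to search for groups in two separate trees in LDAP.

ou=groups

ou=Groups,ou=webapps,ou=Applications

I have searched and have been unable to find any information on this topic.

This is my current code, which is working fine: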

@Autowired
public void configureGlobal(UserDetailsContextMapper userDetailsContextMapper, LdapContextSource contextSource, AuthenticationManagerBuilder builder) throws Exception {

    builder
        .ldapAuthentication()
            .userDetailsContextMapper(userDetailsContextMapper)
            .contextSource(contextSource)
            .userSearchFilter("cn={0}")
            .userSearchBase("ou=Users")
            .groupSearchBase("ou=groups");
}

I would like to do something like this:

builder
    .ldapAuthentication()
        .userDetailsContextMapper(userDetailsContextMapper)
        .contextSource(contextSource)
        .userSearchFilter("cn={0}")
        .userSearchBase("ou=Users")
        .groupSearchBase("ou=groups")
        .groupSearchBase("ou=Groups,ou=webapps,ou=Applications");

This understandably does not work.

Does anyone have any pointers on where to start?

+0

Did you find a solution to your problem? I am looking for exactly the same thing. Thanks. – 2016-05-13 17:28:37

Answer

0

My solution was to create an implementation of org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator that can call multiple instances of LdapAuthoritiesPopulator. Then create one LdapAuthoritiesPopulator for each "groupSearchBase" I want to query.

import static java.util.Arrays.asList;

import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;

import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

@Autowired
public void configureGlobal(UserDetailsContextMapper userDetailsContextMapper, LdapContextSource contextSource, AuthenticationManagerBuilder builder) throws Exception {

    // One DefaultLdapAuthoritiesPopulator per group search base
    MultipleLdapAuthoritiesPopulator multipleLdapAuthoritiesPopulator = new MultipleLdapAuthoritiesPopulator(
        new DefaultLdapAuthoritiesPopulator(contextSource, "ou=Groups,ou=webapps,ou=Applications"),
        new DefaultLdapAuthoritiesPopulator(contextSource, "ou=groups"));

    builder
        .ldapAuthentication()
            .ldapAuthoritiesPopulator(multipleLdapAuthoritiesPopulator)
            .userDetailsContextMapper(userDetailsContextMapper)
            .contextSource(contextSource)
            .userSearchFilter("cn={0}")
            .userSearchBase("ou=Users");
}

class MultipleLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator {
    private List<LdapAuthoritiesPopulator> authoritiesPopulators;

    public MultipleLdapAuthoritiesPopulator(LdapAuthoritiesPopulator... authoritiesPopulators) {
        this.authoritiesPopulators = asList(authoritiesPopulators);
    }

    @Override
    public Collection<? extends GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username) {
        // Ask every delegate for the user's authorities and concatenate the results
        List<GrantedAuthority> grantedAuthorities = authoritiesPopulators.stream()
            .map(authPopulator -> authPopulator.getGrantedAuthorities(userData, username))
            .flatMap(Collection::stream)
            .collect(Collectors.toList());

        return grantedAuthorities;
    }
}
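
A variant of the composite populator above, added here as an example and not part of the original answer: each search base gets its own role prefix, so that a group with the same cn in both trees does not collapse into a single authority (DefaultLdapAuthoritiesPopulator maps a group to its prefix plus the upper-cased cn by default). The class name PrefixedGroupBases and the prefix ROLE_WEBAPP_ are assumptions.

```java
import java.util.Arrays;
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

// Added example (hypothetical class name), not code from the original answer.
public class PrefixedGroupBases implements LdapAuthoritiesPopulator {

    private final List<LdapAuthoritiesPopulator> delegates;

    public PrefixedGroupBases(ContextSource contextSource) {
        // Directory-wide groups keep the default "ROLE_" prefix.
        DefaultLdapAuthoritiesPopulator global =
                new DefaultLdapAuthoritiesPopulator(contextSource, "ou=groups");
        global.setRolePrefix("ROLE_");

        // Assumed prefix: cn=admin under the webapps tree becomes ROLE_WEBAPP_ADMIN
        // instead of being indistinguishable from ROLE_ADMIN granted via ou=groups.
        DefaultLdapAuthoritiesPopulator webapps = new DefaultLdapAuthoritiesPopulator(
                contextSource, "ou=Groups,ou=webapps,ou=Applications");
        webapps.setRolePrefix("ROLE_WEBAPP_");

        this.delegates = Arrays.<LdapAuthoritiesPopulator>asList(global, webapps);
    }

    @Override
    public Collection<? extends GrantedAuthority> getGrantedAuthorities(
            DirContextOperations userData, String username) {
        // A set guards against repeats if two delegates ever emit the same
        // authority; insertion order keeps the result stable for audit logs.
        Set<GrantedAuthority> merged = new LinkedHashSet<GrantedAuthority>();
        for (LdapAuthoritiesPopulator delegate : delegates) {
            merged.addAll(delegate.getGrantedAuthorities(userData, username));
        }
        return merged;
    }
}
```

An instance can be passed to .ldapAuthoritiesPopulator(...) in place of the composite shown in the answer; access rules then have to reference the prefixed authority names.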