2012-03-20 97 views

我在 Spring MVC 项目中使用 Spring Security 3 配合 LDAP 进行身份验证。它一直工作正常,直到我需要把项目部署到另一个环境,并把 JDK 版本从 1.6 换成 1.7:Spring Security 3 在 JDK 1.7 下无法正常工作。

下面是我的 Spring Security 配置文件,以及成功登录后所用页面的代码示例:

1)安全应用程序的context.xml

<?xml version="1.0" encoding="UTF-8"?> 
<!--
  Spring Security 3.1 namespace configuration: form login in front of a custom
  LDAP authentication provider (the com.foo.auth.* classes are project code and
  are not all shown alongside this file).
-->
<beans 
    xmlns:s="http://www.springframework.org/schema/security" 
    xmlns="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation=" 
        http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-3.1.xsd"> 

    <!--
      URL rules are evaluated top to bottom and the first match wins, so the
      permitAll entries must stay above the catch-all rule.
      NOTE(review): no rule here sets requires-channel="https"; unless TLS is
      enforced elsewhere, the login form can post the password over plain HTTP.
    -->
    <s:http use-expressions="true">  
     <!-- Login pages and static assets are reachable without authentication. -->
     <s:intercept-url pattern="/auth/**" access="permitAll" /> 
     <s:intercept-url pattern="/css/**" access="permitAll" /> 
     <s:intercept-url pattern="/image/**" access="permitAll" /> 
     <s:intercept-url pattern="/scripts/**" access="permitAll" />   

     <!--
       Everything else requires the authority GENERAL_USER. The name has to match
       what authoritiesPopulator / userDetailsMapper grant; verify against that code.
     -->
     <s:intercept-url pattern="/**" access="hasRole('GENERAL_USER')" /> 

     <!-- Failed logins return to the login page with error=1 in the query string. -->
     <s:form-login login-page="/auth/login.html" 
         default-target-url="/welcome.html" 
         authentication-failure-url="/auth/login.html?error=1" /> 

     <s:access-denied-handler error-page="/auth/denied.html"/> 

     <!-- Logout discards the HTTP session before redirecting. -->
     <s:logout invalidate-session="true" logout-success-url="/auth/logoutSuccess.html"/>       
    </s:http> 

    <!-- The only authentication provider is the custom LDAP provider defined below. -->
    <s:authentication-manager> 
     <s:authentication-provider ref="ldapAuthProvider" /> 
    </s:authentication-manager> 

    <!--
      LDAP connection used for searches.
      NOTE(review): ldap:// on port 389 is unencrypted unless StartTLS is negotiated,
      so the manager bind below (and any user bind the authenticator performs over this
      context source) would send passwords in cleartext. Prefer ldaps:// or StartTLS
      with server certificate validation.
      NOTE(review): the manager DN and password are inline (they look like redacted
      samples here). In a real deployment load them from an externalised property
      source that is kept out of version control, and give the account read-only
      search rights.
    -->
    <bean 
     id="contextSource" 
     class="org.springframework.security.ldap.DefaultSpringSecurityContextSource" 
     scope="singleton"> 
     <constructor-arg 
      value="ldap://ldapurl:389/dc=o,dc=a" /> 
      <property name="userDn" value="cn=xxx,cn=users,dc=o,dc=a" /> 
      <property name="password" value="password" /> 
      <property name="baseEnvironmentProperties"> 
       <map> 
        <!--
          "follow" makes JNDI chase referrals returned by the directory, which can mean
          connecting to other hosts named by the server with the same environment.
          Confirm this is required and that every referred server is trusted and
          reached over TLS.
        -->
        <entry key="java.naming.referral"> 
         <value>follow</value> 
        </entry>      
       </map> 
      </property>   
    </bean> 

    <!--
      Looks up the directory entry for the submitted login name.
      The empty search base means the search starts at the base DN of contextSource;
      {0} in the filter is replaced with the login name.
    -->
    <bean id="userSearch" 
     class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> 
     <!-- searchBase, searchFilter, contextSource --> 
     <constructor-arg index="0" value="" /> 
     <constructor-arg index="1" value="(sAMAccountName={0})" /> 
     <constructor-arg index="2" ref="contextSource" /> 
    </bean> 

    <!--
      Custom provider wired with a custom authenticator (constructor argument) plus a
      custom authorities populator and user details mapper (properties).
    -->
    <bean id="ldapAuthProvider" 
     class="com.foo.auth.MyLdapAuthenticationProvider">  
     <constructor-arg>  
      <bean  
       class="com.foo.auth.MyLdapAuthenticator"> 
       <constructor-arg ref="contextSource" /> 
       <property name="userSearch"> 
        <ref bean="userSearch" /> 
       </property>    
      </bean> 
     </constructor-arg> 
     <property name="authoritiesPopulator" ref="authoritiesPopulator" /> 
     <property name="userDetailsContextMapper" ref="userDetailsMapper" /> 
    </bean> 

    <!-- Grants authorities through userService; the implementation is not shown here. -->
    <bean id="authoritiesPopulator" class="com.foo.auth.MyLdapAuthoritiesPopulator"> 
     <constructor-arg ref="userService" />  
    </bean>  

    <bean id="userService" class="com.foo.auth.MyLdapUserDetailsService"> 
     <constructor-arg ref="userSearch" /> 
     <property name="userDetailsMapper" ref="userDetailsMapper" /> 
    </bean> 
    <!-- Builds the custom UserDetails object that ends up as the principal. -->
    <bean id="userDetailsMapper" class="com.foo.auth.MyUserDetailsContextMapper">      
    </bean>   
</beans> 

2)登录成功后重定向到的 welcome.jsp。在 welcome.jsp 中,我使用 Spring Security 标签库获取登录用户的全名。(为了测试,我直接输出 principal 来显示完整的上下文信息):

<%--
  Debug output only: writes the text form of the current principal object into the page.
  Depending on how the UserDetails class implements toString(), that can expose account
  attributes to the browser. Remove it after testing and render only the single
  property that is needed (for example principal.fullName).
--%>
<security:authentication property="principal"></security:authentication>  

使用 JDK 1.6 时,principal 显示为:

[email protected]:......... 

这时我可以使用自定义 UserDetail 的属性,例如 principal.fullName。使用 JDK 1.7 时,principal 显示为:

​​

它没有得到我的自定义 UserDetail 对象。所以如果使用 JDK 1.7,我就无法正确地获取 Spring 上下文。

我花了将近 1 周才发现,这个问题的根本原因在于 JDK 版本 ;-(

有谁知道为什么使用 LDAP 的 Spring Security 在 JDK 1.7 下不能工作?还是我漏掉了某些配置?

预先感谢您!

回答


问题已解决。原因是我的 MyLdapAuthenticationProvider 继承了错误的 Provider 类。我把 MyLdapAuthenticationProvider 改为继承 LdapAuthenticationProvider 之后,Spring Security 在 JDK 1.6 和 1.7 下都能正常工作。

下面是我自定义的 LdapAuthenticationProvider:

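/**
 * LDAP authentication provider that delegates the directory authentication to a
 * {@link MyLdapAuthenticator} and translates LDAP failures into Spring Security
 * authentication exceptions.
 *
 * <p>The class keeps its own references to the authenticator, authorities populator and
 * user details mapper in addition to whatever the superclass holds.
 * NOTE(review): the setters below take the project-specific types, so they overload
 * rather than replace any superclass setter; confirm that the mapper and populator the
 * inherited authentication flow actually uses are the custom ones.
 */
public class MyLdapAuthenticationProvider extends LdapAuthenticationProvider {

    private static final Logger logger = Logger.getLogger(MyLdapAuthenticationProvider.class);

    private MyLdapAuthenticator authenticator;

    // NOTE(review): these are field-injected and also set through the setters further
    // down; one wiring style is enough.
    @Autowired
    private MyLdapAuthoritiesPopulator authoritiesPopulator;
    @Autowired
    private MyUserDetailsContextMapper userDetailsContextMapper;

    /**
     * Creates the provider around the given authenticator.
     *
     * @param authenticator the authenticator to delegate to; it is cast to
     *        {@link MyLdapAuthenticator}, so any other implementation fails with a
     *        {@link ClassCastException} at construction time
     */
    public MyLdapAuthenticationProvider(LdapAuthenticator authenticator) {
        super(authenticator);
        setAuthenticator((MyLdapAuthenticator) authenticator);
    }

    /**
     * Authenticates the submitted token against the directory.
     *
     * @param userToken the username/password token from the login request
     * @return the directory entry returned by the authenticator
     * @throws LockedException if the directory reports a password policy error
     * @throws BadCredentialsException if no directory entry exists for the user name
     * @throws AuthenticationServiceException if the directory cannot be accessed
     */
    @Override
    protected DirContextOperations doAuthentication(UsernamePasswordAuthenticationToken userToken) {
        try {
            return getAuthenticator().authenticate(userToken);
        } catch (PasswordPolicyException ppe) {
            throw new LockedException(this.messages.getMessage(
                    ppe.getStatus().getErrorCode(), ppe.getStatus().getDefaultMessage()));
        } catch (UsernameNotFoundException notFound) {
            // Report an unknown user with the same generic text used for a failed bind.
            // A distinct "user name" message lets a client that can see the failure
            // reason tell which account names exist in the directory.
            throw new BadCredentialsException(this.messages.getMessage(
                    "LdapAuthenticationProvider.badCredentials", "Bad credentials"));
        } catch (NamingException ldapAccessFailure) {
            // NOTE(review): the LDAP error text becomes the exception message; make sure
            // the login page does not render it, since it can describe the directory.
            throw new AuthenticationServiceException(ldapAccessFailure.getMessage(), ldapAccessFailure);
        }
    }

    /** Stores the authenticator used by {@link #doAuthentication}; rejects {@code null}. */
    private void setAuthenticator(MyLdapAuthenticator authenticator) {
        Assert.notNull(authenticator, "An LdapAuthenticator must be supplied");
        this.authenticator = authenticator;
    }

    /** Returns the authenticator stored by the constructor. */
    private MyLdapAuthenticator getAuthenticator() {
        return authenticator;
    }

    /** Returns the mapper held in this class's own field. */
    public MyUserDetailsContextMapper getUserDetailsContextMapper() {
        return userDetailsContextMapper;
    }

    /**
     * Stores the mapper in this class's own field only.
     *
     * @param userDetailsContextMapper the custom mapper
     */
    public void setUserDetailsContextMapper(MyUserDetailsContextMapper userDetailsContextMapper) {
        this.userDetailsContextMapper = userDetailsContextMapper;
    }

    /**
     * Stores the populator in this class's own field only.
     *
     * @param authoritiesPopulator the custom authorities populator
     */
    public void setAuthoritiesPopulator(MyLdapAuthoritiesPopulator authoritiesPopulator) {
        this.authoritiesPopulator = authoritiesPopulator;
    }

    /** Returns the populator held in this class's own field. */
    public MyLdapAuthoritiesPopulator getAuthoritiesPopulator() {
        return authoritiesPopulator;
    }

}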
