问题描述
就像标题一样,我希望只有规范的用户.这是我的验证码:
Just like in title, I want that only users of spec. Here is my authentication code:
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.ldapAuthentication().userSearchFilter("(sAMAccountName={0})") .contextSource(contextSource()); }
我发现有 groupSearchFilter 和 groupSearchBase 或 groupRoleAttribute 之类的功能,但我不知道如何使用它们
I found that there are functions like groupSearchFilter and groupSearchBase or groupRoleAttribute but I have no idea how to use them
推荐答案
我对 Megha 的解决方案做了一些修改
I made some modifications on Megha's solution
@Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Configuration protected static class AuthenticationConfiguration extends GlobalAuthenticationConfigurerAdapter { @Override public void init(AuthenticationManagerBuilder auth) throws Exception { DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource("ldap://ip:port/DC=xxxx,DC=yyyy"); contextSource.setUserDn("user_service_account"); contextSource.setPassword("password_user_service_account"); contextSource.setReferral("follow"); contextSource.afterPropertiesSet(); LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthenticationProviderConfigurer = auth.ldapAuthentication(); ldapAuthenticationProviderConfigurer .userSearchBase("OU=Users,OU=Servers") .userSearchFilter("(&(cn={0})(memberOf=CN=GROUP_NAME,OU=Groups,OU=Servers,DC=xxxx,DC=yyyy))") .contextSource(contextSource); } } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/*****/**").authenticated().and() .httpBasic(); } }