java 使用 Spring Security 和 JavaConfig 进行身份验证时出现 PartialResultException
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/26791654/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PartialResultException when authenticating with Spring Security and JavaConfig
提问by Chris L
I am currently creating a new web application using Spring Boot and began the process of integrating Spring Security for authentication. After successfully following the Spring Boot-based LDAP tutorial, I wanted to point my JavaConfig-based configuration to my Active Directory instance.
我目前正在使用 Spring Boot 创建一个新的 Web 应用程序,并开始集成 Spring Security 以进行身份验证。成功遵循基于 Spring Boot 的LDAP 教程后,我想将基于 JavaConfig 的配置指向我的 Active Directory 实例。
My application now handles bad credentials as expected, but valid credentials now result in
我的应用程序现在按预期处理错误的凭据,但有效的凭据现在导致
javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name ''
This is a common problem -- there are a numberofplaceswhere this issue has been encountered. The solution appears to be setting Context.REFERRAL to "follow", but I can't find any documentation indicating how to set that option using JavaConfig. Is my only option here to revert to an XML-based configuration? It seems like Spring is pushing developers toward JavaConfig, so I'd like to avoid mixing the two approaches, if possible.
这是一个常见的问题-有一个数量的地方在那里已经遇到了这个问题。解决方案似乎是将 Context.REFERRAL 设置为“follow”,但我找不到任何说明如何使用 JavaConfig 设置该选项的文档。我在这里恢复到基于 XML 的配置的唯一选择是什么?似乎 Spring 正在推动开发人员使用 JavaConfig,所以如果可能的话,我想避免混合这两种方法。
The following is my security configuration:
以下是我的安全配置:
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/css/**").permitAll().anyRequest()
.fullyAuthenticated().and().formLogin();
}
@Configuration
protected static class AuthenticationConfiguration extends
GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.userSearchBase("")
.userSearchFilter("(&(cn={0}))").contextSource()
.managerDn("<username>")
.managerPassword("<password>")
.url("ldap://<url>");
}
}
}
回答by Chris L
I had the feeling I'd need to use an instance of LdapContextSourceto make this happen (since it conveniently has a setReferralmethod), but I struggled a bit with the details. A forum poston spring.io gave me enough to go on, and it looks like I now have things working.
我感觉我需要使用一个实例LdapContextSource来实现这一点(因为它有一个setReferral方法很方便),但我在细节上有点挣扎。spring.io 上的一个论坛帖子给了我足够的时间,看起来我现在可以正常工作了。
It's not clear to me if there are any significant flaws with what I'm doing here, but it seems to work, so hopefully this will be helpful to someone else in the future:
我不清楚我在这里做的事情是否有任何重大缺陷,但它似乎有效,所以希望这会对将来的其他人有所帮助:
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/css/**").permitAll().anyRequest()
.fullyAuthenticated().and().formLogin();
}
@Configuration
protected static class AuthenticationConfiguration extends
GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource("ldap://<url>");
contextSource.setUserDn("<username>");
contextSource.setPassword("<password>");
contextSource.setReferral("follow");
contextSource.afterPropertiesSet();
LdapAuthenticationProviderConfigurer<AuthenticationManagerBuilder> ldapAuthenticationProviderConfigurer = auth.ldapAuthentication();
ldapAuthenticationProviderConfigurer
.userSearchFilter("(&(cn={0}))")
.userSearchBase("")
.contextSource(contextSource);
}
}
}
