spring-security Hilla Spring安全验证LDAP

okxuctiv  于 2022-11-11  发布在  Spring
关注(0)|答案(1)|浏览(213)

你能帮我设置Hilla + Spring Security(LDAP)吗?我已经从https://hilla.dev/docs/getting-started创建了演示项目

npx @vaadin/cli init --hilla --auth hilla-with-auth

这个项目有简单的身份验证,但我想LDAP身份验证。像在我的另一个应用程序没有Hilla:

@Configuration
@EnableAutoConfiguration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
class WebSecurityConfig extends VaadinWebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception  {
    http
            .authorizeRequests()
            .antMatchers("/logout/**", "/logout-success", "/login/**", "/static/**", "/**.png").permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .formLogin()
            .loginPage("/login")
            .defaultSuccessUrl("/grocery", true)
            .failureUrl("/login?error=true")
            .permitAll()
            .and()
            .logout()
            .logoutUrl("/logout")
            .logoutSuccessUrl("/login?logout=true")
            .invalidateHttpSession(true)
            .deleteCookies("JSESSIONID")
            .permitAll()
            .and()
            .exceptionHandling().accessDeniedPage("/403")
            .and()
            .httpBasic();
    http.addFilterAfter(new CsrfLoggerFilter(), CsrfFilter.class);
}

@Autowired
public void configureGlobal(AuthenticationManagerBuilder authBuilder) throws Exception {
    authBuilder
            .ldapAuthentication()
            .userSearchFilter(new ParseConfigFile().getConf("AuthenticationManagerBuilder.userSearchFilter"))
            .userSearchBase(new ParseConfigFile().getConf("AuthenticationManagerBuilder.userSearchBase"))
            .groupSearchBase(new ParseConfigFile().getConf("AuthenticationManagerBuilder.groupSearchBase"))
            .groupSearchFilter(new ParseConfigFile().getConf("AuthenticationManagerBuilder.groupSearchFilter"))
            .contextSource()
            .url(new ParseConfigFile().getConf("AuthenticationManagerBuilder.url"))
            .managerDn(new ParseConfigFile().getConf("AuthenticationManagerBuilder.managerDn"))
            .managerPassword(new ParseConfigFile().getConf("AuthenticationManagerBuilder.managerPassword"));
}
}

我必须在配置文件中更改什么才能获得LDAP身份验证?

ulydmbyx

ulydmbyx1#

LDAP使用不同的通信协议,所以首先必须运行LDAP服务器,然后使用Spring Security进行身份验证。
spring Boot doc有一个配置文件,与您可能要查找的文件类似:Ldap Auth example

相关问题