spring-security Spring Security ActiveDirectory user authentication issue

s1ag04yj  posted on 2022-11-11  in  Spring

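I am new to Spring Security and am trying to connect to Active Directory.
I am having a problem logging in with a regular user. When I log in with "username@domain.com", I get no debug output or anything.
If I try the same username with a gibberish password, I get the following error: [nio-8080-exec-4] ctiveDirectoryLdapAuthenticationProvider : Authentication for username@domain.com failed:javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 52e, v4563 ]
I know this error means the username exists but the password is wrong (which is what we want).
My question is why I get nothing when using the correct username/password.
Here is my configuration: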

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        ActiveDirectoryLdapAuthenticationProvider adProvider = new ActiveDirectoryLdapAuthenticationProvider(null,
                "ldap://10.100.2.11:389");
        adProvider.setConvertSubErrorCodesToExceptions(true);
        adProvider.setUseAuthenticationRequestCredentials(true);
        // adProvider.setSearchFilter("(&(objectClass=user)(sAMAccountName={0}))");
        // adProvider.setSearchFilter("(|" +
        //         "(&(objectClass=user)(userPrincipalName={0}))" +
        //         "(&(objectClass=user)(samAccountName={1}))" +
        //         ")");

        auth.authenticationProvider(adProvider);
        auth.eraseCredentials(false);
    }

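I have tried the commented-out search filters; neither of them changed the behavior.
Below is the debug output when I try to log in with the correct credentials: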

2022-07-08 10:56:14.066 DEBUG 4416 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy        : Securing POST /login
2022-07-08 10:56:14.067 DEBUG 4416 --- [nio-8080-exec-7] s.s.w.c.SecurityContextPersistenceFilter : Set SecurityContextHolder to empty SecurityContext
2022-07-08 10:56:14.196 DEBUG 4416 --- [nio-8080-exec-7] o.s.s.web.DefaultRedirectStrategy        : Redirecting to /login?error
2022-07-08 10:56:14.197 DEBUG 4416 --- [nio-8080-exec-7] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2022-07-08 10:56:14.197 DEBUG 4416 --- [nio-8080-exec-7] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2022-07-08 10:56:14.197 DEBUG 4416 --- [nio-8080-exec-7] s.s.w.c.SecurityContextPersistenceFilter : Cleared SecurityContextHolder to complete request
2022-07-08 10:56:14.202 DEBUG 4416 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy        : Securing GET /login?error
2022-07-08 10:56:14.203 DEBUG 4416 --- [nio-8080-exec-8] s.s.w.c.SecurityContextPersistenceFilter : Set SecurityContextHolder to empty SecurityContext
2022-07-08 10:56:14.203 DEBUG 4416 --- [nio-8080-exec-8] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2022-07-08 10:56:14.203 DEBUG 4416 --- [nio-8080-exec-8] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2022-07-08 10:56:14.204 DEBUG 4416 --- [nio-8080-exec-8] s.s.w.c.SecurityContextPersistenceFilter : Cleared SecurityContextHolder to complete request
nue99wik1#

Resolved this by setting the rootDn value in the ActiveDirectoryLdapAuthenticationProvider configuration to "dc=domain,dc=com".
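
The fix described in the answer above, written out as an added example (not code posted by the asker or the answerer). It assumes rootDn is supplied through the provider's three-argument constructor (domain, url, rootDn); the class name AdSecurityConfig is hypothetical, and the URL and root DN are the values quoted on this page.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;

// Hypothetical class name; the adapter style matches the question's configure() method.
@Configuration
@EnableWebSecurity
public class AdSecurityConfig extends WebSecurityConfigurerAdapter {

    // Values quoted in the question and the answer; replace with the real directory's.
    private static final String AD_URL = "ldap://10.100.2.11:389";
    private static final String AD_ROOT_DN = "dc=domain,dc=com";

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Assumption: rootDn is passed via the (domain, url, rootDn) constructor.
        // domain stays null as in the question, so users still log in with a full
        // userPrincipalName (username@domain.com). rootDn sets the search base the
        // provider uses to look up the user entry after the bind has succeeded.
        ActiveDirectoryLdapAuthenticationProvider adProvider =
                new ActiveDirectoryLdapAuthenticationProvider(null, AD_URL, AD_ROOT_DN);

        // Turn AD sub-error codes into specific exceptions
        // (account disabled, locked, expired) instead of a generic failure.
        adProvider.setConvertSubErrorCodesToExceptions(true);
        adProvider.setUseAuthenticationRequestCredentials(true);

        auth.authenticationProvider(adProvider);
        // auth.eraseCredentials(false) from the question is left out here, so the
        // submitted password is cleared from the Authentication object after login
        // (the default behaviour).
    }
}
```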
