grails:仅限 spring-security 和 LDAP

【问题标题】:grails: spring-security and LDAP onlygrails:仅限 spring-security 和 LDAP
【发布时间】:2011-09-23 16:03:39
【问题描述】:

我遇到以下错误:

2011-06-27 17:23:57,241 [http-8080-1] DEBUG authentication.LdapAuthenticationProvider  - Processing authentication request for use
r: nvb0343
2011-06-27 17:23:57,241 [http-8080-1] DEBUG search.FilterBasedLdapUserSearch  - Searching for user 'xxxxxx', with user search [ s
earchFilter: 'sAMAccountName={0}', searchBase: 'DC=GrupoCGD,DC=com', scope: subtree, searchTimeLimit: 0, derefLinkFlag: true ]
2011-06-27 17:23:57,272 [http-8080-1] DEBUG rememberme.TokenBasedRememberMeServices  - Interactive login attempt was unsuccessful.

2011-06-27 17:23:57,272 [http-8080-1] DEBUG rememberme.TokenBasedRememberMeServices  - Cancelling cookie
2011-06-27 17:23:57,272 [http-8080-1] DEBUG web.DefaultRedirectStrategy  - Redirecting to '/fce-test-app/login/authfail?login_erro
r=1'
2011-06-27 17:23:57,272 [http-8080-1] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as requ
est processing completed
2011-06-27 17:23:57,272 [http-8080-1] DEBUG web.FilterChainProxy  - Converted URL to lowercase, from: '/login/authfail'; to: '/log
in/authfail'
2011-06-27 17:23:57,272 [http-8080-1] DEBUG web.FilterChainProxy  - Candidate is: '/login/authfail'; pattern is /**; matched=true
2011-06-27 17:23:57,272 [http-8080-1] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 1 of 8 in additional
 filter chain; firing Filter: 'SecurityContextPersistenceFilter'

这是我的配置:

grails.plugins.springsecurity.ldap.search.derefLink = true    
grails.plugins.springsecurity.providerNames = ['ldapAuthProvider','anonymousAuthenticationProvider']

//grails.plugins.springsecurity.ldap.authorities.retrieveDatabaseRoles = false
grails.plugins.springsecurity.ldap.context.managerDn = 'XXX\XXX'
grails.plugins.springsecurity.ldap.context.managerPassword = 'changeme'
grails.plugins.springsecurity.ldap.context.server = 'ldap://my.ldap.service:389/'
grails.plugins.springsecurity.ldap.authorities.ignorePartialResultException = true // typically needed for Active Directory
grails.plugins.springsecurity.ldap.search.base = 'DC=XXX,DC=com' 
grails.plugins.springsecurity.ldap.search.filter="sAMAccountName={0}" // for Active Directory you need this
grails.plugins.springsecurity.ldap.search.searchSubtree = true
grails.plugins.springsecurity.ldap.auth.hideUserNotFoundExceptions = false

grails.plugins.springsecurity.ldap.useRememberMe = false
grails.plugins.springsecurity.ldap.authorities.retrieveGroupRoles = true
grails.plugins.springsecurity.ldap.authorities.groupSearchBase ='dc=*,dc=*'
grails.plugins.springsecurity.ldap.authorities.groupSearchFilter = 'member={0}'

我尝试过无数种组合,但似乎 grails 总是尝试 rememberMe 服务:

rememberme.TokenBasedRememberMeServices - Interactive login attempt was unsuccessful

【问题讨论】:

  • 它尝试逐个验证每个插件,直到其中一个不验证用户。可能ldab有问题(不记得我了),也许找不到合适的用户?
  • 但我没有配置 rememberMe 插件/身份验证服务。

标签: grails ldap spring-security


【解决方案1】:

我已经设法解决了。这是一个配置错误。这是后人的链接:https://gist.github.com/1053710

【讨论】:

    猜你喜欢
    • 2015-05-04
    • 2011-08-15
    • 2014-01-05
    • 2016-06-29
    • 2017-02-22
    • 2014-04-01
    • 2018-03-02
    • 2015-04-29
    • 2016-07-25
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode