【发布时间】:2011-11-17 01:06:51
【问题描述】:
我是 spring security 的新手,我尝试运行基于 spring-security ldap 示例的示例应用程序。下面是我对 applicationContext-security.xml 的配置:
<http>
<intercept-url pattern="/Login.jsp" filters="none"></intercept-url>
<intercept-url pattern="/nnn/**" access="ROLE_ADMIN" />
<intercept-url pattern="/common/**" access="ROLE_USER" />
<form-login login-page="/Login.jsp" authentication-failure-url="/Login.jsp?login_error=1"
default-target-url="/common/home.jsp"/>
<logout logout-success-url="/Login.jsp" invalidate-session="true"/>
</http>
<authentication-manager>
<ldap-authentication-provider group-search-filter="member={0}"
group-search-base="ou=groups"
user-search-base="ou=people"
user-search-filter="uid={0}" />
<authentication-provider ref='secondLdapProvider' />
</authentication-manager>
<ldap-server ldif="classpath:users.ldif" port="33389"/>
<b:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<b:constructor-arg value="ldap://localhost:33389/dc=springframework,dc=org"/>
</b:bean>
我已经按原样使用了 user.ldif 文件。 如果我使用默认值,应用程序将成功运行。但是,如果我在 ldif 文件和 applicationContext-security.xml 的 contextSource bean 中放置任何其他值来代替 springframework,比如 google,那么我会收到以下错误:
Your login attempt was not successful, try again.
Reason: [LDAP: error code 32 - NO_SUCH_OBJECT: failed for SearchRequest baseDn :
'2.5.4.11=people,0.9.2342.19200300.100.1.25=google,0.9.2342.19200300.100.1.25=org' filter : '(0.9.2342.19200300.100.1.1=rod)' scope :whole
subtree typesOnly : false Size Limit : no limit Time Limit : no limit Deref Aliases : deref Always attributes : : Cannot find a partition for
2.5.4.11=people,0.9.2342.19200300.100.1.25=google,0.9.2342.19200300.100.1.25=org:
org.apache.directory.shared.ldap.exception.LdapNameNotFoundException: Cannot find a partition for
2.5.4.11=people,0.9.2342.19200300.100.1.25=google,0.9.2342.19200300.100.1.25=org at
org.apache.directory.server.core.partition.DefaultPartitionNexus.getPartition(DefaultPartitionNexus.java:1082) at
org.apache.directory.server.core.partition.DefaultPartitionNexus.hasEntry(DefaultPartitionNexus.java:1037) at
org.apache.directory.server.core.interceptor.InterceptorChain$1.hasEntry(InterceptorChain.java:167) at
谁能告诉我为什么会出现上述错误...
这是 ldif 文件:
dn: ou=groups,dc=google,dc=org
objectclass: top
objectclass: organizationalUnit
ou: groups
dn: ou=people,dc=google,dc=org
objectclass: top
objectclass: organizationalUnit
ou: people
dn: uid=rod,ou=people,dc=google,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Rod Johnson
sn: Johnson
uid: rod
userPassword: koala
dn: uid=dianne,ou=people,dc=google,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Dianne Emu
sn: Emu
uid: dianne
userPassword: emu
dn: uid=scott,ou=people,dc=google,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Scott
sn: Wombat
uid: scott
userPassword: wombat
dn: cn=user,ou=groups,dc=google,dc=org
objectclass: top
objectclass: groupOfNames
cn: user
member: uid=rod,ou=people,dc=google,dc=org
member: uid=dianne,ou=people,dc=google,dc=org
member: uid=scott,ou=people,dc=google,dc=org
dn: cn=teller,ou=groups,dc=google,dc=org
objectclass: top
objectclass: groupOfNames
cn: USER
member: uid=rod,ou=people,dc=google,dc=org
member: dianne=rod,ou=people,dc=google,dc=org
dn: cn=supervisor,ou=groups,dc=google,dc=org
objectclass: top
objectclass: groupOfNames
cn: ADMIN
member: uid=rod,ou=people,dc=google,dc=org
不是google,而是示例应用程序的原始文件中的springframework。我是不是错过了什么...
【问题讨论】:
标签: ldap spring-security