【发布时间】:2014-07-18 22:30:35
【问题描述】:
我有一个我使用的 Spring 3 应用程序:
<authentication-manager>
<authentication-provider ref='myAuthenticationProvider'/>
</authentication-manager>
名称空间等效于 spring 2。
是因为我使用 Spring 3 使用我的 LDAP 应用程序登录并希望在 Spring 2 中实现相同的方法
代码 spring-secutiy-ldap.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http auto-config="true">
<intercept-url pattern="/app/Out*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/app/Login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/app/Out" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/app/**" access="IS_AUTHENTICATED_ANONYMOUSLY, ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider ref="ldapAuthProvider"/>
</authentication-manager>
<!-- Server -->
<ldap-server id="ldapServer" url="ldap://${ldap.server.ip}:${ldap.server.port}/${ldap.server.root}"/>
<!-- Authenticator -->
<beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator" id="ldapBindAuthenticator">
<beans:constructor-arg ref="ldapServer"/>
<beans:property name="userSearch" ref="userSearch"/>
</beans:bean>
<beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<beans:constructor-arg index="0" value="ou=people"/>
<beans:constructor-arg index="1" value="(uid={0})"/>
<beans:constructor-arg index="2" ref="ldapServer" />
</beans:bean>
<beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator" id="ldapAuthoritiesPopulator">
<beans:constructor-arg ref="ldapServer"/>
<beans:constructor-arg value="${ldap.springrole.rdn}"/>
<beans:property name="groupRoleAttribute" value="${ldap.springrole.attribute}"/>
<beans:property name="rolePrefix" value="${ldap.springrole.prefix}"/>
<beans:property name="groupSearchFilter" value="(objectClass=organizationalRole)"/>
<beans:property name="searchSubtree" value="true" />
</beans:bean>
<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<beans:constructor-arg ref="ldapBindAuthenticator"/>
<beans:constructor-arg ref="ldapAuthoritiesPopulator"/>
<beans:property name="userDetailsContextMapper" ref="ldapUserDetailsContextMapper"/>
</beans:bean>
<beans:bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
<beans:constructor-arg ref="ldapServer"/>
</beans:bean>
<beans:bean class="com.test.ladp.security.UserLdapMapper" id="ldapUserDetailsContextMapper">
<beans:property name="template" ref="ldapTemplate"/>
</beans:bean>
例外:
Caused by: org.springframework.security.config.SecurityConfigurationException: No UserDetailsService registered.
at org.springframework.security.config.UserDetailsServiceInjectionBeanPostProcessor.getUserDetailsService(UserDetailsServiceInjectionBeanPostProcessor.java:110)
at org.springframework.security.config.UserDetailsServiceInjectionBeanPostProcessor.injectUserDetailsServiceIntoRememberMeServices(UserDetailsServiceInjectionBeanPostProcessor.java:55)
at org.springframework.security.config.UserDetailsServiceInjectionBeanPostProcessor.postProcessBeforeInitialization(UserDetailsServiceInjectionBeanPostProcessor.java:36)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:350)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1330)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:473)
... 69 more
【问题讨论】:
标签: spring ldap openldap spring-ldap spring-security-ldap