我打算使用 Windows Active Directory 实施身份验证。然而,看起来这个能力在 spring security 6.2.1 中已经被删除,使用 ldap 进行身份验证。
我的pom.xml是这样的:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.2.2</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>zw.co.tingo</groupId>
<artifactId>app</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>app</name>
<description>Application</description>
<properties>
<java.version>21</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-mail</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-ldap</artifactId>
</dependency>
我有一个 ActiveDirectoryAuthenticationProvider 类,如下所示:
@Configuration
公共类 ActiveDirectoryAuthProvider {
@Autowired private ActiveDirectoryProperties adProperties;
@Autowired private CustomUserDetailsMapper userDetailsMapper;
@Bean
public ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
ActiveDirectoryLdapAuthenticationProvider provider =
new ActiveDirectoryLdapAuthenticationProvider(
adProperties.getDomain(),
adProperties.getUrl()
);
provider.setConvertSubErrorCodesToExceptions(true);
provider.setUseAuthenticationRequestCredentials(true);
GrantedAuthoritiesMapper authoritiesMapper = createAuthoritiesMapper();
provider.setAuthoritiesMapper(authoritiesMapper);
provider.setUserDetailsContextMapper(userDetailsMapper);
return provider;
}
private GrantedAuthoritiesMapper createAuthoritiesMapper() {
return (authorities) -> {
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
// Map AD groups to roles
for (GrantedAuthority authority : authorities) {
String group = authority.getAuthority();
if (group.startsWith("ROLE_")) {
// Prefix ROLE_ is added to distinguish roles
mappedAuthorities.add(new SimpleGrantedAuthority(group));
} else {
// If the AD group doesn't start with ROLE_, consider it as a role
mappedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + group));
}
}
return mappedAuthorities;
};
}
}
但是没有任何效果。我收到错误:
Cannot resolve symbol 'ActiveDirectoryLdapAuthenticationProvider'
可以帮忙提供有关如何在 Spring Security 6.2.1 中实现 Active Directory 身份验证的教程或指南的链接吗
仔细分析了github上的包后我发现这个功能是可用的。
我要做的就是替换我的 pom.xml 的这一部分:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-ldap</artifactId>
</dependency>
有了这个:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>6.2.2</version>
</dependency>
立刻一切都恢复了生机!按照我的预期,spring-boot-starter-data-ldap 似乎没有任何有意义的代码。