我试图在Grails中设置Spring Security,使用令牌(通过Spring Security REST插件)进行身份验证并对LDAP进行授权 . 我找到了几个例子(我现在有大约20个浏览器标签打开),但没有一个回答整个问题 . 大多数示例是Grails REST Security或Grails LDAP Security,但没有Grails REST LDAP的示例 .
我的问题是,当我需要它来查看LDAP时,应用程序会尝试在数据库中查找用户和角色 .
我发现解决方案是进入resources.groovy并将userDetailsService bean配置为使用LDAP . 只有"prerequisite"是您必须已经为LDAP服务器配置了正确的LDAP . 我在这里找到了这个解决方案:http://swordsystems.com/2011/12/21/spring-security-cas-ldap/ . 并且只采取了以下一块 .
// Place your Spring DSL code here import grails.plugin.springsecurity.SpringSecurityUtils beans = { def config = SpringSecurityUtils.securityConfig if (config.ldap.context.server) { SpringSecurityUtils.loadSecondaryConfig 'DefaultLdapSecurityConfig' config = SpringSecurityUtils.securityConfig initialDirContextFactory(org.springframework.security.ldap.DefaultSpringSecurityContextSource, config.ldap.context.server){ userDn = config.ldap.context.managerDn password = config.ldap.context.managerPassword } ldapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch, config.ldap.search.base, config.ldap.search.filter, initialDirContextFactory){ } ldapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator, initialDirContextFactory, config.ldap.authorities.groupSearchBase){ groupRoleAttribute = config.ldap.authorities.groupRoleAttribute groupSearchFilter = config.ldap.authorities.groupSearchFilter searchSubtree = config.ldap.authorities.searchSubtree rolePrefix = "ROLE_" convertToUpperCase = config.ldap.mapper.convertToUpperCase ignorePartialResultException = config.ldap.authorities.ignorePartialResultException } userDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService, ldapUserSearch, ldapAuthoritiesPopulator){ } } }
1 回答
我发现解决方案是进入resources.groovy并将userDetailsService bean配置为使用LDAP . 只有"prerequisite"是您必须已经为LDAP服务器配置了正确的LDAP . 我在这里找到了这个解决方案:http://swordsystems.com/2011/12/21/spring-security-cas-ldap/ . 并且只采取了以下一块 .