我的LDAP中有几个DC(如DC = Ny,DC = Oh),并希望通过grails spring ldap插件从LDAP验证用户身份 .
最初我在config.groovy文件中使用了以下参数,并且能够从newyork验证用户,但现在我必须验证来自newyork和Ohio的用户 .
//由Spring Security Core插件添加:grails.plugins.springsecurity.userLookup.userDomainClassName ='com.test.SecUser'grails.plugins.springsecurity.userLookup.authorityJoinClassName ='com.test.SecUserSecRole'grails.plugins.springsecurity . authority.className ='com.test.SecRole'
// LDAP config grails.plugins.springsecurity.ldap.context.managerDn ='CN = P8,OU = P8,OU = Weblogic,OU = PR,OU = Groups - Application,DC = NY,DC = GWL,DC = com 'grails.plugins.springsecurity.ldap.context.managerPassword ='test'grails.plugins.springsecurity.ldap.context.server ='ldap://NY.GWL.com:389 /'grails.plugins.springsecurity.ldap . authorities.ignorePartialResultException = true //通常需要Active Directory grails.plugins.springsecurity.ldap.search.base ='DC = NY,DC = GWL,DC = com'grails.plugins.springsecurity.ldap.search.filter =“ sAMAccountName = {0}“//对于Active Directory,您需要此grails.plugins.springsecurity.ldap.search.searchSubtree = true grails.plugins.springsecurity.ldap.auth.hideUserNotFoundExceptions = false grails.plugins.springsecurity.ldap.search . attributesToReturn = ['mail','displayName'] //要返回的额外属性;请参阅下面的访问此数据的自定义类grails.plugins.springsecurity.providerNames = ['ldapAuthProvider','anonymousAuthenticationProvider'] //如果要跳过尝试从db加载并仅使用LDAP,请指定此项
在groovy.config文件中需要进行哪些更改,还是需要进行任何代码更改 .
任何有关这方面的帮助都会非常有帮助 .
谢谢