Spring安全LDAP连接
你好,我是春天的新手。
我正在尝试使用 Spring-security1.3.0 spring2.0.1 从我的服务器连接到 ActiveDirectory。
我正在使用文档示例 (18.4.5)
我可以看到 LdapAuthenticationProvider 对象是在页面加载时在 application-context.xml 中构造的。
几个问题:
我想知道 Active Directory 的答案何时何地返回?
我想我应该在 UserDetails 对象中看到结果。但如何看到这一点呢?这是什么代码?
我的目标是从活动目录中获取用户角色并搜索我的数据库(在我的服务器中)允许该角色执行的操作。所以我想知道哪个对象包含用户的角色。
谢谢,
Hello i am new to spring.
I am trying to connect to ActiveDirectory from my server using Spring-security1.3.0 spring2.0.1.
I am using the documentation example (18.4.5)
I can see the the LdapAuthenticationProvider object is constructed at page load in the
application-context.xml.
few Questions:
I wonder where and when will the answer from the Active directory returns?
I think i should see the result in UserDetails object. but how to see this? what code does this?
My goal is to get the user role from the Active directory and search my DB(in my server) what this role is permitted to do. So i would like to know what object contains the role of the user.
thanks,
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以尝试
查看当前用户(身份验证)是否已添加任何角色(权限)。无论您如何验证/授权用户,这都应该有效。
Spring security 是一个用于保护应用程序的出色框架。然而,对于比演示稍微复杂一点的事情,最好首先对基础知识有一个良好的“感觉”。在实施诸如基于 LDAP-DB 的解决方案之类的重要解决方案之前,请尝试了解所有内容如何协同工作。一开始可能需要一些时间,但肯定会有回报。
You could try
to see, if any roles (authorities) have been added to the current user (authentication). This should work no matter how you authenticate/authorize your users.
Spring security is a great framework for securing your applications. However, for everything a little bit more complex than the demos, it's best to get a good "feeling" for the basics first. Try to get an understanding how everything works together, before you implement something non-trivial like an LDAP-DB-based solution. It might take some time at first, but it definitely pays off.