/**
* Configure AuthenticationManager with inMemory credentials.
*
* NOTE:
* Due to a known limitation with JavaConfig:
* <a href="https://jira.spring.io/browse/SPR-13779">
* https://jira.spring.io/browse/SPR-13779</a>
*
* We cannot use the following to expose a {@link UserDetailsManager}
* <pre>
* http.authorizeRequests()
* </pre>
*
* In order to expose {@link UserDetailsManager} as a bean, we must create @Bean
*
* @see {@link super.userDetailsService()}
* @see {@link com.packtpub.springsecurity.service.DefaultCalendarService}
*
* @param auth AuthenticationManagerBuilder
* @throws Exception Authentication exception
*/
@Override
public void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userSearchBase("")
.userSearchFilter("(uid={0})")
.groupSearchBase("ou=Groups")
.groupSearchFilter("(uniqueMember={0})")
.userDetailsContextMapper(new InetOrgPersonContextMapper())
.contextSource(contextSource())
// .contextSource()
// .managerDn("uid=admin,ou=system")
// .managerPassword("secret")
// .url("ldap://localhost:33389/dc=jbcpcalendar,dc=com")
// .root("dc=jbcpcalendar,dc=com")
// .ldif("classpath:/ldif/calendar.ldif")
// .and()
.passwordCompare()
// Supports {SHA} and {SSHA}
.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userPassword")
;
}
java类org.springframework.security.authentication.encoding.LdapShaPasswordEncoder的实例源码
SecurityConfig.java 文件源码
项目:Spring-Security-Third-Edition
阅读 33
收藏 0
点赞 0
评论 0
WebSecurityConfig.java 文件源码
项目:openfleet
阅读 32
收藏 0
点赞 0
评论 0
/**
* Configures the {@link org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder} for LDAP authentication.
* @param auth the {@link org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder} used to configure LDAP authenticaton.
* @throws Exception if an error occurs when adding the LDAP authentication.
*/
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception{
auth
.ldapAuthentication()
.userDnPatterns("uid={0},ou=managers")
.groupSearchBase("ou=managers")
.contextSource(contextSource())
.passwordCompare()
.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userPassword");
}
LDAPAuthenticator.java 文件源码
项目:para
阅读 39
收藏 0
点赞 0
评论 0
/**
* Default constructor.
* @param ldapSettings LDAP config map for an app
*/
public LDAPAuthenticator(Map<String, String> ldapSettings) {
if (ldapSettings != null && ldapSettings.containsKey("security.ldap.server_url")) {
String serverUrl = ldapSettings.get("security.ldap.server_url");
String baseDN = ldapSettings.get("security.ldap.base_dn");
String bindDN = ldapSettings.get("security.ldap.bind_dn");
String basePass = ldapSettings.get("security.ldap.bind_pass");
String searchBase = ldapSettings.get("security.ldap.user_search_base");
String searchFilter = ldapSettings.get("security.ldap.user_search_filter");
String dnPattern = ldapSettings.get("security.ldap.user_dn_pattern");
String passAttribute = ldapSettings.get("security.ldap.password_attribute");
boolean usePasswordComparison = ldapSettings.containsKey("security.ldap.compare_passwords");
DefaultSpringSecurityContextSource contextSource =
new DefaultSpringSecurityContextSource(Arrays.asList(serverUrl), baseDN);
contextSource.setAuthenticationSource(new SpringSecurityAuthenticationSource());
contextSource.setCacheEnvironmentProperties(false);
if (!bindDN.isEmpty()) {
contextSource.setUserDn(bindDN);
}
if (!basePass.isEmpty()) {
contextSource.setPassword(basePass);
}
LdapUserSearch userSearch = new FilterBasedLdapUserSearch(searchBase, searchFilter, contextSource);
if (usePasswordComparison) {
PasswordComparisonAuthenticator p = new PasswordComparisonAuthenticator(contextSource);
p.setPasswordAttributeName(passAttribute);
p.setPasswordEncoder(new LdapShaPasswordEncoder());
p.setUserDnPatterns(new String[]{dnPattern});
p.setUserSearch(userSearch);
authenticator = p;
} else {
BindAuthenticator b = new BindAuthenticator(contextSource);
b.setUserDnPatterns(new String[]{dnPattern});
b.setUserSearch(userSearch);
authenticator = b;
}
}
}
SecurityConfig.java 文件源码
项目:Spring-Security-Third-Edition
阅读 36
收藏 0
点赞 0
评论 0
/**
* Configure AuthenticationManager with inMemory credentials.
*
* NOTE:
* Due to a known limitation with JavaConfig:
* <a href="https://jira.spring.io/browse/SPR-13779">
* https://jira.spring.io/browse/SPR-13779</a>
*
* We cannot use the following to expose a {@link UserDetailsManager}
* <pre>
* http.authorizeRequests()
* </pre>
*
* In order to expose {@link UserDetailsManager} as a bean, we must create @Bean
*
* @see {@link super.userDetailsService()}
* @see {@link com.packtpub.springsecurity.service.DefaultCalendarService}
*
* @param auth AuthenticationManagerBuilder
* @throws Exception Authentication exception
*/
@Override
public void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
// .ldapAuthoritiesPopulator(ldapAuthoritiesPopulator())
.userSearchBase("")
.userSearchFilter("(uid={0})")
.groupSearchBase("ou=Groups")
.groupSearchFilter("(uniqueMember={0})")
// .userDetailsContextMapper(new InetOrgPersonContextMapper())
.contextSource(contextSource())
.passwordCompare()
// Supports {SHA} and {SSHA}
.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userPassword")
;
/*
<ldap-authentication-provider server-ref="ldapServer"
user-search-filter="(uid={0})"
group-search-base="ou=Groups"
user-details-class="inetOrgPerson">
<bean id="ldapAuthenticationProvider"
class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<constructor-arg ref="ldapBindAuthenticator"/>
<constructor-arg ref="ldapAuthoritiesPopulator"/>
<property name="userDetailsContextMapper" ref="ldapUserDetailsContextMapper"/>
</bean>
<bean id="ldapBindAuthenticator"
class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="ldapServer"/>
<property name="userSearch" ref="ldapSearch"/>
</bean>
// <bean id="ldapSearch"
// class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
// <constructor-arg value=""/> <!-- use-search-base -->
// <constructor-arg value="(uid={0})"/> <!-- user-search-filter -->
// <constructor-arg ref="ldapServer"/>
// </bean>
// <bean id="ldapAuthoritiesPopulator"
// class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
// <constructor-arg ref="ldapServer"/>
// <constructor-arg value="ou=Groups"/>
// <property name="groupSearchFilter" value="(uniqueMember={0})"/>
// </bean>
*/
}
SecurityConfig.java 文件源码
项目:Spring-Security-Third-Edition
阅读 30
收藏 0
点赞 0
评论 0
/**
* Configure AuthenticationManager with inMemory credentials.
*
* NOTE:
* Due to a known limitation with JavaConfig:
* <a href="https://jira.spring.io/browse/SPR-13779">
* https://jira.spring.io/browse/SPR-13779</a>
*
* We cannot use the following to expose a {@link UserDetailsManager}
* <pre>
* http.authorizeRequests()
* </pre>
*
* In order to expose {@link UserDetailsManager} as a bean, we must create @Bean
*
* @see {@link super.userDetailsService()}
* @see {@link com.packtpub.springsecurity.service.DefaultCalendarService}
*
* @param auth AuthenticationManagerBuilder
* @throws Exception Authentication exception
*/
@Override
public void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userSearchBase("")
.userSearchFilter("(uid={0})")
.groupSearchBase("ou=Groups")
.groupSearchFilter("(uniqueMember={0})")
.userDetailsContextMapper(new InetOrgPersonContextMapper())
.contextSource(contextSource())
.passwordCompare()
// Supports {SHA} and {SSHA}
.passwordEncoder(new LdapShaPasswordEncoder())
.passwordAttribute("userPassword")
;
}
LDAPUserService.java 文件源码
项目:yona-server
阅读 30
收藏 0
点赞 0
评论 0
private static String generateSaltedPassword(String vpnPassword)
{
LdapShaPasswordEncoder ldapShaPasswordEncoder = new LdapShaPasswordEncoder();
return ldapShaPasswordEncoder.encodePassword(vpnPassword, CryptoUtil.getRandomBytes(64));
}
