一、

1.This method is the  LDAP analog to  jdbcAuthentication()

 @Override

 protected void configure(AuthenticationManagerBuilder auth)

 throws Exception {

     auth

         .ldapAuthentication()

         .userSearchFilter("(uid={0})")

         .groupSearchFilter("member={0}");

 }

The userSearchFilter() and groupSearchFilter() methods are used to provide a filter for the base LDAP queries, which are used to search for users and groups. By default, the base queries for both users and groups are empty, indicating that the search will be done from the root of the LDAP hierarchy. But you can change that by specifying a query base:

 @Override

 protected void configure(AuthenticationManagerBuilder auth)

 throws Exception {

     auth

         .ldapAuthentication()

         .userSearchBase("ou=people")

         .userSearchFilter("(uid={0})")

         .groupSearchBase("ou=groups")

         .groupSearchFilter("member={0}");

 }

The userSearchBase() method provides a base query for finding users. Likewise, the groupSearchBase() specifies the base query for finding groups. Rather than search from the root, this example specifies that users be searched for where the organization unit is people . And groups should be searched for where the organizational unit is groups .

SPRING IN ACTION 第4版笔记-第九章Securing web applications-005-Applying LDAP-backed authentication的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求

    一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)

    Spring Security is extremely flexible and is capable of authenticating users against virtually any d ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  10. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. hibernate的运行流程

    首先了解什么是对象关系映射,ORM(Object/Relationship Mapping):对象关系映射.对象关系映射是一种为了解决面向对象与关系数据库存在的互不匹配的现象的技术.是通过使用描述对象 ...

  2. [zz] pgpool-II load balancing from FAQ

    It seems my pgpool-II does not do load balancing. Why? First of all, pgpool-II' load balancing is &q ...

  3. PerformSelector may cause a leak because its selector is unknown 解决方法

    我的技术博客经常被流氓网站恶意爬取转载.请移步原文:http://www.cnblogs.com/hamhog/p/3801030.html,享受整齐的排版.有效的链接.正确的代码缩进.更好的阅读体验 ...

  4. Apache 编译安装

    # wget http://www.apache.org/dist/httpd/httpd-2.2.9.tar.gz  (此处我是直接用的下载好的包) # tar -zxvf httpd-2.2.9. ...

  5. 斐波那契数 c 语言实现

    斐波那契数列,又称黄金数列,指的是这样一个数列:1.1.2.3.5.8.13.21.……在数学上,斐波纳契数列以如下被以递归的方法定义:F(1)=1,F(2)=1,F(n)=F(n-1)+F(n-2) ...

  6. ARM-Linux S5PV210 UART驱动(6)----platform device的添加

    开发板是飞凌OK210 arch/arm/mach-s5pv210/mach-smdkc110.c 首先是UART的寄存器默认配置信息: /* Following are default values ...

  7. C/C++错误分析errno,perror,strerror和GetLastError()函数返回的错误代码的意义

    在C语言编译中,经常会出现一些系统的错误,这些错误如果在编译的时候不能很好的“预见”,会使系统“崩溃”,常见的捕获错误函数有: errno #include<errno.h> 这个变量是程 ...

  8. 1043. Is It a Binary Search Tree

    http://www.patest.cn/contests/pat-a-practise/1043 #include <stdio.h> #include <vector> u ...

  9. 【git】学习路径失败了

    期初规划:搭建git远程服务器  使用gitlab作为管理工具 过程遇到的问题 1.gitlab不能安装到win ,且对centos要求6以上,我只有一台centos5  让运维帮升级 ...等待.. ...

  10. shell复习笔记----用户管理

    $ who    可以知道系统上有多少登陆 $who |wc -l 计算用户个数 注意:|是管道符号,可以在两个程序之间建立管道(pipeline):who 的输出,成了 wc 的输入, wc 所列出 ...