一、

1.This method is the  LDAP analog to  jdbcAuthentication()

 @Override

 protected void configure(AuthenticationManagerBuilder auth)

 throws Exception {

     auth

         .ldapAuthentication()

         .userSearchFilter("(uid={0})")

         .groupSearchFilter("member={0}");

 }

The userSearchFilter() and groupSearchFilter() methods are used to provide a filter for the base LDAP queries, which are used to search for users and groups. By default, the base queries for both users and groups are empty, indicating that the search will be done from the root of the LDAP hierarchy. But you can change that by specifying a query base:

 @Override

 protected void configure(AuthenticationManagerBuilder auth)

 throws Exception {

     auth

         .ldapAuthentication()

         .userSearchBase("ou=people")

         .userSearchFilter("(uid={0})")

         .groupSearchBase("ou=groups")

         .groupSearchFilter("member={0}");

 }

The userSearchBase() method provides a base query for finding users. Likewise, the groupSearchBase() specifies the base query for finding groups. Rather than search from the root, this example specifies that users be searched for where the organization unit is people . And groups should be searched for where the organizational unit is groups .

SPRING IN ACTION 第4版笔记-第九章Securing web applications-005-Applying LDAP-backed authentication的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求

    一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)

    Spring Security is extremely flexible and is capable of authenticating users against virtually any d ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  10. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. javascript笔记——js面试问题

    1:javascript中的变量提升(先使用再声明,js中的函数也存在函数提升) 2:js中的事件捕获和事件冒泡(是两个相反的过程) 3:js中的动画队列(比如animate动画没有在点击的时候阻止正 ...

  2. 使用AngularJS构建大型Web应用

    AngularJS是由Google创建的一种JS框架,使用它可以扩展应用程序中的HTML词汇,从而在web应用程序中使用HTML声明动态内容.在该团队工作的软件工程师Brian Ford近日撰写了一篇 ...

  3. Script 代码段

    script代码段 1.script代码段的执行 在Javascript代码中,可以使用script作为基本标识,script代码段在运行过程中是分段解析与执行的. 2.script代码段执行流程 在 ...

  4. Php 操作事务

    PHP来操作数据库 关于事务操作 连接数据 mysql_connect('localhost','root','123'); 设置字符集 mysql_query('set names utf8'); ...

  5. c++ algorithm 的用法

    1 , accumulate()template<class _II, class _Ty> inline_Ty accumulate(_II _F, _II _L, _Ty _V){fo ...

  6. Objective-C常用类型、对象、方法

    结构体 NSRange range=NSMakeRange(8,10);从0数第八个元素开始长度为10: NSString *str=NSStringFormRange(range); NSLog(@ ...

  7. LeetCode之Single Number以及拓展

    Problem 1:一个数组中有一个数字a只出现一次,其他数字都出现了两次.请找出这个只出现一次的数字? 考察知识点:异或运算 思路:比如数字 b^b = 0     a^0 = a 因此,可以将数组 ...

  8. 1010. Radix (25)

    Given a pair of positive integers, for example, 6 and 110, can this equation 6 = 110 be true? The an ...

  9. 1009. Product of Polynomials (25)

    #include <stdio.h> struct MyStruct { int exp; double coe; }; int main() { int k1,k2,i,j; MyStr ...

  10. sp_depends 查询在sybase中依赖的函数

    sp_depends 查询在sybase中依赖的函数. sp_depends tblEK7_policy_exclude sp_depends tblEK7_agent_exclude