一、

1.This method is the  LDAP analog to  jdbcAuthentication()

 @Override

 protected void configure(AuthenticationManagerBuilder auth)

 throws Exception {

     auth

         .ldapAuthentication()

         .userSearchFilter("(uid={0})")

         .groupSearchFilter("member={0}");

 }

The userSearchFilter() and groupSearchFilter() methods are used to provide a filter for the base LDAP queries, which are used to search for users and groups. By default, the base queries for both users and groups are empty, indicating that the search will be done from the root of the LDAP hierarchy. But you can change that by specifying a query base:

 @Override

 protected void configure(AuthenticationManagerBuilder auth)

 throws Exception {

     auth

         .ldapAuthentication()

         .userSearchBase("ou=people")

         .userSearchFilter("(uid={0})")

         .groupSearchBase("ou=groups")

         .groupSearchFilter("member={0}");

 }

The userSearchBase() method provides a base query for finding users. Likewise, the groupSearchBase() specifies the base query for finding groups. Rather than search from the root, this example specifies that users be searched for where the organization unit is people . And groups should be searched for where the organizational unit is groups .

SPRING IN ACTION 第4版笔记-第九章Securing web applications-005-Applying LDAP-backed authentication的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求

    一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)

    Spring Security is extremely flexible and is capable of authenticating users against virtually any d ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  10. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. [Bootstrap]全局样式(四)

    按钮 1.基本类.btn {display/padding/margin-bottom/font-size/border-radius/border} 作用于< a:role:button &g ...

  2. spring读取prperties配置文件(1)

    博客地址http://www.cnblogs.com/shizhongtao/p/3438431.html 属性文件命名是*.properties,在java中,用类java.util.Propert ...

  3. Ubuntu环境变量——添加与删除

    转自:http://beanocean.diandian.com/post/2013-11-09/40060047963 注: 1.作者的系统是Ubuntu 13.10,在其他linux发行版中环境变 ...

  4. 在Mac OS X中使用VIM开发STM32(4)

    本文原创于http://www.cnblogs.com/humaoxiao,非法转载者请自重!       在上三篇文章中,我们基本搭建好了开发STM32的IDE环境,当然vim.ctags.tagl ...

  5. C# - write values to configuration file

    using System.Configuration;System.Configuration.Configuration config = ConfigurationManager.OpenExeC ...

  6. PHP curl 模拟登录

    //提交数据,生成cookie,将cookie保存在临时目录下//在指定目录中建立一个具有唯一文件名的文件.如果该目录不存在,tempnam() 会在系统临时目录中生成一个文件,并返回其文件名 $co ...

  7. UTF8后MD5

    function ToUTF8Encode(str: string): string; //将字符串转UTF8编码 var b: Byte; begin for b in BytesOf(UTF8En ...

  8. Linux ps同时查找多个进程

    1.显示当前所有进程 SDCxM-SDCAM-root-root> ps aux USER       PID %CPU %MEM    VSZ   RSS TTY      STAT STAR ...

  9. 获取股票历史数据和当前数据的API

    关键字:股票,stock,API,接口 1.获取股票当前数据 新浪数据接口:http://hq.sinajs.cn/list={code}.{code}替换为股票代码,沪市股票代码加前缀sh,深市股票 ...

  10. 由底层和逻辑说开去--c++之引用的深入剖析

    在学c++的时候 我遇到的第一个问题就是这个引用,引用是什么东西,我的c++启蒙教科书是c++ primer plus,这本书上说的是:引用是已定义变量的别名,可以使用这个引用来表示这个变量:每当看到 ...