In the previous article, a simple authentication method was used in which the password must start with the user name. In previous projects, LDAP was often used as the unified authentication source for single sign-on, so we wanted to add an LDAP authentication method. I usually use the following LDAP servers in my projects: SunOne LDAP, Oracle Internet Directory, Oracle Directory Server Enterprise Edition, and Oracle Unified Directory. These are commercial LDAP products that I am already familiar with. If you want to try OpenLDAP, you need to set up an OpenLDAP server.
First, prepare the following software:
OpenLDAP: http://sourceforge.jp/projects/sfnet_openldapwindows/releases/
Ldapbrowser: http://www.ldapbrowser.com
Next, set up and configure the OpenLDAP server; guides for this are easy to find on the Internet.
Third, on to the main topic. Find the beans element in cas/WEB-INF/lib/deployerConfigContext.xml and add the following configuration:
<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="anonymousReadOnly" value="false"/>
    <property name="pooled" value="true"/>
    <property name="urls">
        <list>
            <value>ldap://localhost:389</value>
        </list>
    </property>
    <!-- DN and password CAS uses to bind to the directory when searching for users -->
    <property name="userDn" value="CN=manager,dc=my-domain,dc=com"/>
    <property name="password" value="secret"/>
    <property name="baseEnvironmentProperties">
        <map>
            <!-- With the SSL entry below commented out, the simple bind to ldap://localhost:389 is unencrypted -->
            <!-- LDAP SSL access configuration
            <entry key="java.naming.security.protocol" value="ssl"/>
            -->
            <entry key="java.naming.security.authentication" value="simple"/>
        </map>
    </property>
</bean>
Fourth, find authenticationHandlers in cas/WEB-INF/lib/deployerConfigContext.xml and add the following content:
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
    <!-- %u is replaced with the user name entered at login -->
    <property name="filter" value="uid=%u"/>
    <property name="searchBase" value="ou=people,dc=my-domain,dc=com"/>
    <property name="contextSource" ref="contextSource"/>
    <!-- Allow multiple accounts -->
    <property name="allowMultipleAccounts" value="true"/>
</bean>
Finally, restart the CAS server. You can then log on to the CAS server with a user name and password stored in OpenLDAP.
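A small audit of the two beans configured above, as an added example that is not part of the original article or of CAS: it parses a constructed copy of the configuration and flags the unencrypted ldap:// URL, the literal bind password, and allowMultipleAccounts. The function names, the finding strings, and the treatment of `${...}` values as externalized secrets are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample mirroring the two beans configured above.
SAMPLE = """<beans>
  <bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="urls"><list><value>ldap://localhost:389</value></list></property>
    <property name="password" value="secret"/>
    <property name="baseEnvironmentProperties"><map>
      <!-- <entry key="java.naming.security.protocol" value="ssl"/> -->
      <entry key="java.naming.security.authentication" value="simple"/>
    </map></property>
  </bean>
  <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
    <property name="filter" value="uid=%u"/>
    <property name="allowMultipleAccounts" value="true"/>
  </bean>
</beans>"""

def local(el):  # tag name without an XML namespace, so namespaced files also work
    return el.tag.rsplit("}", 1)[-1]

def children(el, tag):  # descendants of el (if any) with the given local tag name
    return [c for c in el.iter() if local(c) == tag] if el is not None else []

def audit(xml_text):
    """Return (bean class, finding) pairs for the LDAP beans in a Spring file."""
    findings = []
    for bean in children(ET.fromstring(xml_text), "bean"):
        cls = bean.get("class", "").rsplit(".", 1)[-1]
        p = {e.get("name"): e for e in bean if local(e) == "property"}
        if cls == "LdapContextSource":
            urls = [v.text.strip() for v in children(p.get("urls"), "value") if v.text]
            env = {e.get("key"): e.get("value")
                   for e in children(p.get("baseEnvironmentProperties"), "entry")}
            # Commented-out entries are dropped by the parser, so they do not count.
            tls = env.get("java.naming.security.protocol") == "ssl"
            if any(u.startswith("ldap://") for u in urls) and not tls:
                findings.append((cls, "bind over unencrypted ldap://"))
            pw = p["password"].get("value", "") if "password" in p else ""
            if pw and not pw.startswith("${"):  # ${...}: assumed Spring placeholder
                findings.append((cls, "literal bind password in config file"))
        elif cls == "BindLdapAuthenticationHandler":
            multi = p.get("allowMultipleAccounts")
            if multi is not None and multi.get("value") == "true":
                findings.append((cls, "allowMultipleAccounts is true"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Run against the sample, it reports all three settings; a copy that uses an ldaps:// URL, a `${...}` placeholder for the password, and allowMultipleAccounts set to false produces no findings.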
This article is from the "Graph learning" blog; please be sure to keep this source: http://feiquan16.blog.51cto.com/336861/1303204