Authentication of LDAP

Recently, many basic operations have been introduced to all aspects of ldap in ldap development projects, including addition, deletion, modification, query, configuration, and connection pool, anyone who uses spring should be able to make it easy. In fact, spring-ldap provides a good description. Next, let's talk about the authentication problem. I just finished it today.

You can see that there is a related authentication method in Chapter 10th in the documentation on the official website, but there is a problem. If you do not configure things according to the document, he can pass the authentication, if you configure things according to the document and then call verification, the system will report an exception saying that you cannot find ContextSource. This is because in Chapter 6th, it changed the connection id with the server to contextSourceTarget.

However, in LDAP, contextSource is not just an id. Because in the LDAP world, it has an interface called ontextSource, which is used for verification, you can use it when you do not configure things..

In the next two sections of code, things are set together with jpa:

<Bean id = "contextSource" class = "org. springframework. ldap. core. support. ldapContextSource "> <property name =" url "value =" ldap: // 127.0.0.1: 389 "/> <property name =" userDn "value =" cn = Directory Manager "/> <property name =" password "value =" ****** "/> </bean> <bean id = "contextSourceTarget" class = "org. springframework. ldap. transaction. compensating. manager. transactionAwareContextSourceProxy "> <constructor-arg Ref = "contextSource"/> </bean> <bean id = "ldapTemplateAuthention" class = "org. springframework. ldap. core. ldapTemplate "> <constructor-arg ref =" contextSource "/> </bean> <bean id =" ldapTemplate "class =" org. springframework. ldap. core. ldapTemplate "> <constructor-arg ref =" contextSourceTarget "/> </bean> <bean id =" transactionManager "class =" com. smarcloud. control. util. contextSourceAndJpaTransactionManager "> <pro Perty name = "contextSource" ref = "contextSourceTarget"/> <property name = "entityManagerFactory" ref = "entityManagerFactory"/> <! -- This is jpa --> </bean> <tx: annotation-driven transaction-manager = "transactionManager"/>

Then, you can make sure that your authentication method is available and there are still things.

The main reason why two ldaptemplates are required is that the class = "org. springframework. ldap. transaction. compensating. manager. transactionAwareContextSourceProxy "the proxy here in spring does not support the contextSource verification source code. It is very difficult to complete), so write a separate" ldapTemplateAuthention "for separate verification, "ldapTemplate" is used for normal business and transactions.

The following is the authentication method, which is listed on the official website at 0.0:

public boolean authentication(String uid){    CollectingAuthenticationErrorCallback errorCallback = new CollectingAuthenticationErrorCallback();     String filter = "(&(objectclass=inetOrgPerson)(uid=" + uid + "))";    boolean result = ldapTemplateAuthention.authenticate("", filter.toString(), "123456", errorCallback);    if (!result) {      Exception error = errorCallback.getError();      // error is likely of type org.springframework.ldap.AuthenticationException      error.printStackTrace();}    return result;}

OK. If the authentication succeeds, "true" means "false", an exception is returned.

This article from the "Write down on the right" blog, please be sure to keep this source http://jueshizhanhun.blog.51cto.com/4372226/1272001