Spring security integrates with LDAP services for unified authentication

Source: Internet
Author: User
Tags ldap sessions

<span style= "FONT-SIZE:18PX;" > First of all, spring security is a strong spring-based secure authentication module that provides a set of beans that can be configured in the context of the spring application, taking full advantage of the spring Ioc,di (control reversal inversion of Control, Di:dependency injection Dependency injection) and AOP (aspect-oriented programming) feature provide declarative, secure access control for application systems. </span>

LDAP is a Lightweight Directory Access Protocol, based on the TCP/IP protocol, generally provides a unified access to the basic information of the enterprise, its stored data is stored in a tree structure, so the access speed is very fast, but the relative storage speed is very slow. Of course, you can't use SQL statements, either.

The first thing to say about the required jar package, of course, there are MAVEN configuration, there should be a lot of online

Spring-security-config

Spring-security-core

Spring-security-ldap

Spring-security-taglibs

Spring-security-web

Well, start by configuring Spring-security, because it's spring-based, it's simple to configure

First configure a security filter in Web,xml:


<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Then configure a bean in the Spring-mvc file.



<bean id= "Ldapauthprovider" class= " Org.springframework.security.ldap.authentication.LdapAuthenticationProvider ">
<constructor-arg>
<bean class= "Org.springframework.security.ldap.authentication.BindAuthenticator" >
<constructor-arg ref= "Contextsource"/>
<property name= "Usersearch" >
<bean id= "Usersearch" class= "Org.springframework.security.ldap.search.FilterBasedLdapUserSearch" >
<constructor-arg index= "0" value= ""/>
<constructor-arg index= "1" value= "(uid={0})"/>
<constructor-arg index= "2" ref= "Contextsource"/>
</bean>
</property>
</bean>
</constructor-arg>
<constructor-arg>
<bean class= "Org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator" >
<constructor-arg ref= "Contextsource"/>
<constructor-arg value= ""/>
<property name= "Defaultrole" value= "Role_user"/>
</bean>
</constructor-arg>
</bean>

You also need to configure the LDAP data source:



<bean id= "Contextsource" class= "Org.springframework.security.ldap.DefaultSpringSecurityContextSource" >
<constructor-arg value= "ldap://192.168.0.1:389/dc=gnetis,dc=com"/>
<property name= "UserDN" value= "cn=manager,dc=gnetis,dc=com"/>
<property name= "Password" value= "admin"/>
</bean>


Okay, and then there's a spring-security.xml that needs to be created and configured:

<?xml version= "1.0" encoding= "UTF-8"?>
<beans:beans xmlns= "Http://www.springframework.org/schema/security"
Xmlns:beans= "Http://www.springframework.org/schema/beans"
Xmlns:xsi= "Http://www.w3.org/2001/XMLSchema-instance"
xsi:schemalocation= "Http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/ Spring-beans-3.1.xsd
Http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd ">

<!--Spring Security--
<!--do not enable security verification--
<!--<intercept-url pattern= "/login.jsp" access= "is_authenticated_anonymously"/>
<intercept-url pattern= "/**" access= "Role_user"/>

<form-login login-page= "/login.jsp" login-processing-url= "/loginprocess"
Authentication-failure-url= "/login.jsp?login_error=1"
Default-target-url= "/home/index" always-use-default-target= "true"/>

<logout logout-success-url= "/login.jsp" delete-cookies= "Jsessionid"/>

<!--uncomment to limit the number of sessions a user can has-
<session-management invalid-session-url= "/login.jsp" >
<concurrency-control max-sessions= "1" error-if-maximum-exceeded= "false"/>
</session-management>
<authentication-manager>
<authentication-provider ref= "Ldapauthprovider" ></authentication-provider>
</authentication-manager>


</beans:beans>

Be sure to note the xsi:schemalocation URL address of the fill, otherwise various errors.

Where login.jsp is the default entry page, Home/index is the path to the default page,

Then configure the bean configuration in the Spring-mvc inside the Authentication-manager, remember to write login.jsp, such as:


<%@ page language= "java" import= "java.util.*" pageencoding= "Utf-8"%>
<%@ taglib prefix= "C" uri= "Http://java.sun.com/jsp/jstl/core"%>
<%@ taglib uri= "http://java.sun.com/jsp/jstl/functions" prefix= "FN"%>
<%@ taglib prefix= "form" uri= "Http://www.springframework.org/tags/form"%>
<%@ page import= "Org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"%>
<%@ page import= "Org.springframework.security.core.AuthenticationException"%>
<%
String path = Request.getcontextpath ();
String basepath = request.getscheme () + "://" +request.getservername () + ":" +request.getserverport () +path+ "/";
%>
<! DOCTYPE html>
<base href= "<%=basePath%>" >
<meta charset= "Utf-8" >
<meta http-equiv= "x-ua-compatible" content= "Ie=edge" >
<meta name= "viewport" content= "Width=device-width, initial-scale=1" >
<!--the above 3 meta tags *must* come first in the head; Any other head content must come *after* these tags--
<meta name= "description" content= "" >
<meta name= "Author" content= "" >
<link rel= "icon" href= "<%=basepath%>/resources/dist/img/favicon.ico" >


<title>XXXXX</title>


<!--Bootstrap Core CSS--
<link href= "<%=basepath%>/resources/dist/css/bootstrap.min.css" rel= "stylesheet" >


<!--Custom styles for this template---
<link href= "<%=basepath%>/resources/dist/css/signin.css" rel= "stylesheet" >


<!--Just for debugging purposes. Don ' t actually copy these 2 lines! -
<!--[if Lt IE 9]><script src=]. /.. /assets/js/ie8-responsive-file-warning.js "></script><! [endif]-->
<script src= "<%=basepath%>/resources/dist/js/ie-emulation-modes-warning.js" ></script>


<!--HTML5 Shim and Respond.js for IE8 support of HTML5 elements and media queries-
<!--[If Lt IE 9]>
<script src= "Https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js" ></script>
<script src= "Https://oss.maxcdn.com/respond/1.4.2/respond.min.js" ></script>
<! [endif]-->


<body style= "Position:absolute;height:100%;background: #007788;" >
<div class= "Container" style= "border-top:3px solid #ccc; border-bottom:3px solid #ccc; border-right:5px solid #ccc; <c:if test= "${lose== ' 1 '}" >border-right:5px solid #F22715; </c:if>background: #FFFFFF; margin-top:150px; Color: #007788; opacity:0.8; " >

<div class= "Row featurette" >
<div class= "Col-md-6" >
<p style= "color: #085D1F; font-weight:bold;font-size:48px;line-height:250px;text-align:center;" >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; full-time operations center </p>
</div>
<div class= "Col-md-6" >
<form class= "Form-signin" id= "F" name= "F" action= "<c:url value="/loginprocess "/>" method= "POST" >
<br>
<br>
<label for= "Inputemail" class= "Sr-only" >email</label>
<input type= "text" id= "Inputemail" name= "J_username" class= "Form-control" placeholder= "Please enter mailbox" required autofocus >
<br>
<label for= "Inputpassword" class= "Sr-only" >password</label>
<input type= "Password" id= "Inputpassword" name= "J_password" class= "Form-control" placeholder= "Please enter password" required>

<input name= "_spring_security_remember_me" id= "Remember_me" type= "checkbox"/>
<label for= "Remember_me" >remember</label>

<input class= "btn btn-lg btn-success btn-block" value= "Login" type= "Submit" ></input>
</form>
<c:if test= "${not Empty Param.login_error}" >
<p class= "Text-center" style= "color:red;" >
Login failed: <%= ((authenticationexception) Session.getattribute (usernamepasswordauthenticationfilter.spring_security _last_exception_key)). GetMessage ()%>
</p>
</c:if>
</div>
</div>
<br>
<br>
</div>

<!--IE10 viewport hack for surface/desktop Windows 8 Bugs--
<script src= "<%=basepath%>/resources/dist/js/ie10-viewport-bug-workaround.js" ></script>
</body>




Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

Spring security integrates with LDAP services for unified authentication

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.