代码拉取完成,页面将自动刷新
本教程主要详细讲解Spring Security使用LDAP做单点登录。
技术 | 版本 |
---|---|
Java | 1.8+ |
SpringBoot | 2.x.x |
Security | 5.x |
LDAP | 任意版本 |
mvn archetype:generate -DgroupId=com.edurt.sli.slisl -DartifactId=spring-learn-integration-security-ldap -DarchetypeArtifactId=maven-archetype-quickstart -Dversion=1.0.0 -DinteractiveMode=false
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>spring-learn-integration-security</artifactId>
<groupId>com.edurt.sli</groupId>
<version>1.0.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>spring-learn-integration-security-ldap</artifactId>
<name>SpringBoot Security使用LDAP单点登录</name>
<properties>
<dependency.spring.security.ldap.version>5.1.5.RELEASE</dependency.spring.security.ldap.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>${dependency.springboot2.common.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>${dependency.springboot2.common.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>${dependency.spring.security.ldap.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${dependency.springboot2.common.version}</version>
<configuration>
<fork>true</fork>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>${plugin.maven.compiler.version}</version>
<configuration>
<source>${system.java.version}</source>
<target>${system.java.version}</target>
</configuration>
</plugin>
</plugins>
</build>
</project>
spring-boot-starter-security
启动spring security安全框架
spring-security-ldap
启动spring security ldap框架支持
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.edurt.sli.slisl;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.stereotype.Component;
/**
* <p> SpringBootSecurityLDAPIntegration </p>
* <p> Description : SpringBootSecurityLDAPIntegration </p>
* <p> Author : qianmoQ </p>
* <p> Version : 1.0 </p>
* <p> Create Time : 2019-06-19 19:50 </p>
* <p> Author Email: <a href="mailTo:shichengoooo@163.com">qianmoQ</a> </p>
*/
@SpringBootApplication
@Component(value = "com.edurt.sli.slisl")
public class SpringBootSecurityLDAPIntegration {
public static void main(String[] args) {
SpringApplication.run(SpringBootSecurityLDAPIntegration.class, args);
}
}
/src/main/java/com/edurt/sli/slisl
目录下创建config目录,并在该目录下新建LdapConfig文件/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.edurt.sli.slisl.config;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
/**
* <p> LdapConfig </p>
* <p> Description : LdapConfig </p>
* <p> Author : qianmoQ </p>
* <p> Version : 1.0 </p>
* <p> Create Time : 2019-06-19 20:24 </p>
* <p> Author Email: <a href="mailTo:shichengoooo@163.com">qianmoQ</a> </p>
*/
@Component
@ConfigurationProperties(prefix = "custom.ldap")
public class LdapConfig {
private String searchBase;
private String searchFilter;
private String url;
private String manageDN;
private String managePassword;
public LdapConfig() {
}
public String getSearchBase() {
return searchBase;
}
public void setSearchBase(String searchBase) {
this.searchBase = searchBase;
}
public String getSearchFilter() {
return searchFilter;
}
public void setSearchFilter(String searchFilter) {
this.searchFilter = searchFilter;
}
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public String getManageDN() {
return manageDN;
}
public void setManageDN(String manageDN) {
this.manageDN = manageDN;
}
public String getManagePassword() {
return managePassword;
}
public void setManagePassword(String managePassword) {
this.managePassword = managePassword;
}
}
@ConfigurationProperties(prefix = "custom.ldap")
标志着配置文件中的配置是按照custom.ldap
开头
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.edurt.sli.slisl.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* <p> SecurityConfig </p>
* <p> Description : SecurityConfig </p>
* <p> Author : qianmoQ </p>
* <p> Version : 1.0 </p>
* <p> Create Time : 2019-06-19 19:52 </p>
* <p> Author Email: <a href="mailTo:shichengoooo@163.com">qianmoQ</a> </p>
*/
@Configuration
public class SecurityLdapConfig extends WebSecurityConfigurerAdapter {
@Autowired
private LdapConfig config;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.ldapAuthentication()
.userSearchBase(config.getSearchBase())
.userSearchFilter(config.getSearchFilter())
.contextSource()
.url(config.getUrl())
.managerDn(config.getManageDN())
.managerPassword(config.getManagePassword());
}
}
server.port=8989
custom.ldap.searchBase=OU=example,DC=example,DC=intra
custom.ldap.searchFilter=(sAMAccountName={0})
custom.ldap.url=ldap://192.168.0.5:389
custom.ldap.manageDN=cn=function,OU=Email Account,dc=example,dc=intra
custom.ldap.managePassword=example
在/src/main/java/com/edurt/sli/slisl
目录下创建controller目录,并在该目录下新建HelloLDAPController文件
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.edurt.sli.slisl.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import java.security.Principal;
import java.util.Map;
/**
* <p> HelloLDAPController </p>
* <p> Description : HelloLDAPController </p>
* <p> Author : qianmoQ </p>
* <p> Version : 1.0 </p>
* <p> Create Time : 2019-06-19 20:12 </p>
* <p> Author Email: <a href="mailTo:shichengoooo@163.com">qianmoQ</a> </p>
*/
@Controller
public class HelloLDAPController {
@RequestMapping("/secure")
public String secure(Map<String, Object> model, Principal principal) {
model.put("title", "授权成功");
model.put("message", "仅授权可查看的页面");
model.put("name", principal.getName());
return "home";
}
}
输入你的LDAP账号信息即可校验成功,跳转到授权的数据页面
mvn clean package -Dmaven.test.skip=true -X
运行打包后的文件即可
java -jar target/spring-learn-integration-security-ldap-1.0.0.jar
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。