LDAP SSO с вафлей - PullRequest
Новая
       50

LDAP SSO с вафлей

2 голосов
/ 29 апреля 2019

Я использую веб-приложение Spring 5.

Я совершенно новичок в Waffle. Я хотел бы использовать waffle, чтобы пользователи могли проходить аутентификацию в моем веб-приложении со своими учетными данными Windows.Как только я получу имя пользователя, я выполню поиск LDAP.

Но я не уверен, где я могу написать свой код настройки для получения имени пользователя для проверки?

Я пытался использовать Spring Security LDAP.Но не могу получить имя пользователя окна.В сети кто-то предлагает использовать вафлю для получения информации о пользователе

Код WebSecurityConfig 

 @Autowired
public WindowsAuthenticationProvider windowsAuthenticationProvider;

@Autowired
private NegotiateSecurityFilter securityFilter;

@Autowired
private NegotiateSecurityFilterEntryPoint authenticationEntryPoint;


@Override
protected void configure(final HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
            .anyRequest().authenticated()
        .and()
            .addFilterBefore(this.securityFilter, BasicAuthenticationFilter.class)
            .httpBasic()
            .authenticationEntryPoint(this.authenticationEntryPoint)
        .and()
            .authenticationProvider(windowsAuthenticationProvider) // Set authentication provider here
            .formLogin();
            //.authenticationDetailsSource(waffleAuthenticationDetailsSource);

}

//Waffle Spring Security Beans
@Bean
public WindowsAuthProviderImpl windowsAuthProvider() {
    WindowsAuthProviderImpl waffle = new WindowsAuthProviderImpl();
    return waffle;
}
@Bean
@Autowired
public NegotiateSecurityFilterProvider negotiateSecurityFilterProvider(final WindowsAuthProviderImpl windowsAuthProvider) {

    return new NegotiateSecurityFilterProvider(windowsAuthProvider);
}
@Bean
@Autowired
public SecurityFilterProviderCollection waffleSecurityFilterProviderCollection(final NegotiateSecurityFilterProvider negotiateSecurityFilterProvider) {

    final List<SecurityFilterProvider> securityFilterProviders = new ArrayList<SecurityFilterProvider>();
    securityFilterProviders.add(negotiateSecurityFilterProvider);
    return new SecurityFilterProviderCollection(securityFilterProviders.toArray(new SecurityFilterProvider[]{}));
}
@Bean
@Autowired
public NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint(final SecurityFilterProviderCollection securityFilterProviderCollection) {
    final NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint = new NegotiateSecurityFilterEntryPoint();
    negotiateSecurityFilterEntryPoint.setProvider(securityFilterProviderCollection);
    return negotiateSecurityFilterEntryPoint;
}
@Bean
@Autowired
public NegotiateSecurityFilter waffleNegotiateSecurityFilter(final SecurityFilterProviderCollection securityFilterProviderCollection) {
    final NegotiateSecurityFilter negotiateSecurityFilter = new NegotiateSecurityFilter();
    negotiateSecurityFilter.setProvider(securityFilterProviderCollection);
    return negotiateSecurityFilter;
}

@Bean
@Autowired
public WindowsAuthenticationProvider windowsAuthenticationProvider(final WindowsAuthProviderImpl windowsAuthProvider) {

    WindowsAuthenticationProvider provider = new WindowsAuthenticationProvider();

    provider.setAuthProvider(windowsAuthProvider);
    return provider;
}

xml 

<http use-expressions="true">
    <intercept-url pattern="/**" access="isAuthenticated()" />
    <custom-filter ref="waffleNegotiateSecurityFilter" position="BASIC_AUTH_FILTER" />
    <http-basic />
</http>

<beans:bean id="waffleNegotiateSecurityFilter" class="waffle.spring.NegotiateSecurityFilter">
    <beans:property name="Provider" ref="waffleSecurityFilterProviderCollection" />
</beans:bean>

<authentication-manager>
    <authentication-provider ref="customAuthenticationProvider" />
</authentication-manager>

<beans:bean id="customAuthenticationProvider" class="sunrise.crm.webapp.common.security.CustomAuthenticationProvider">
    <!-- <beans:property name="userDetailsService" ref="userDetailsService" /> -->
</beans:bean>

<beans:bean id="waffleWindowsAuthProvider" class="waffle.windows.auth.impl.WindowsAuthProviderImpl" />

<beans:bean id="negotiateSecurityFilterProvider" class="waffle.servlet.spi.NegotiateSecurityFilterProvider">
    <beans:constructor-arg ref="waffleWindowsAuthProvider" />
</beans:bean>

<beans:bean id="basicSecurityFilterProvider" class="waffle.servlet.spi.BasicSecurityFilterProvider">
    <beans:constructor-arg ref="waffleWindowsAuthProvider" />
</beans:bean>

<beans:bean id="waffleSecurityFilterProviderCollection" class="waffle.servlet.spi.SecurityFilterProviderCollection">
    <beans:constructor-arg>
        <beans:list>
            <beans:ref bean="negotiateSecurityFilterProvider" />               
            <beans:ref bean="basicSecurityFilterProvider" />               
        </beans:list>
    </beans:constructor-arg>
</beans:bean>
...