Unable to bind with Active Directory

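Problem description

I am new to this domain and am trying to bind to Active Directory using the spring ldap client in Java. I have googled and tried every solution given on the internet, but none of them works for me. I get the following exception: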

2021-08-02T14:14:04,377 DEBUG [AbstractContextSource] -  Got Ldap context on server [********]
2021-08-02T14:14:04,381 ERROR [UserService] -  #### NamingException #### {}
org.springframework.ldap.UncategorizedLdapException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A71, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839]; remaining name '/'
    at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:228) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:397) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:309) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:642) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:578) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
    at org.springframework.ldap.core.LdapTemplate.find(LdapTemplate.java:1840) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
    at org.springframework.ldap.core.LdapTemplate.find(LdapTemplate.java:1861) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
    at org.springframework.ldap.core.LdapTemplate.findOne(LdapTemplate.java:1869) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
    at org.springframework.data.ldap.repository.query.AbstractLdapRepositoryQuery.execute(AbstractLdapRepositoryQuery.java:70) ~[spring-data-ldap-2.3.9.RELEASE.jar:2.3.9.RELEASE]
    at org.springframework.data.repository.core.support.RepositoryMethodInvoker$RepositoryQueryMethodInvoker$$Lambda$1419/947388427.invoke(Unknown Source) ~[?:?]
    at org.springframework.data.repository.core.support.RepositoryMethodInvoker.doInvoke(RepositoryMethodInvoker.java:137) ~[spring-data-commons-2.5.1.jar:2.5.1]
    at org.springframework.data.repository.core.support.RepositoryMethodInvoker.invoke(RepositoryMethodInvoker.java:121) ~[spring-data-commons-2.5.1.jar:2.5.1]
    at org.springframework.data.repository.core.support.QueryExecutorMethodInterceptor.doInvoke(QueryExecutorMethodInterceptor.java:159) ~[spring-data-commons-2.5.1.jar:2.5.1]
    at org.springframework.data.repository.core.support.QueryExecutorMethodInterceptor.invoke(QueryExecutorMethodInterceptor.java:138) ~[spring-data-commons-2.5.1.jar:2.5.1]
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.3.7.jar:5.3.7]
    at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:97) ~[spring-aop-5.3.7.jar:5.3.7]
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.3.7.jar:5.3.7]
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215) ~[spring-aop-5.3.7.jar:5.3.7]
    at com.sun.proxy.$Proxy79.findUserByUsername(Unknown Source) ~[?:?]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_45]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_45]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_45]
    at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_45]

Dependencies:

<dependency>
    <groupId>org.springframework.data</groupId>
    <artifactId>spring-data-ldap</artifactId>
    <version>${data.ldap.version}</version>
</dependency>
<dependency>
    <groupId>org.springframework.ldap</groupId>
    <artifactId>spring-ldap-core</artifactId>
    <version>${ldap.core.version}</version>
</dependency>

Here is what I have tried:

@Bean
public LdapContextSource contextSource()
{
   LOGGER.atDebug().log("using given ldap server config: {}", ldapServerConfig);
   LdapContextSource contextSource = new LdapContextSource();
   contextSource.setUrl(ldapServerConfig.getUrl());
   contextSource.setBase(ldapServerConfig.getBaseDn());
   contextSource.setUserDn(ldapServerConfig.getUsername());
   contextSource.setPassword(ldapServerConfig.getPassword());
   contextSource.setAnonymousReadOnly(ldapServerConfig.isReadOnlyConnection());

   //TODO: To add the support of TLS v1.0/v1.2/v1.3
   if (ldapServerConfig.isTlsEnabled())
   {
      ExternalTlsDirContextAuthenticationStrategy dirContextAuthenticationStrategy = new ExternalTlsDirContextAuthenticationStrategy();
      contextSource.setAuthenticationStrategy(dirContextAuthenticationStrategy);
   }

   return contextSource;
}

@Bean
public LdapTemplate ldapTemplate(ContextSource pooledContextSource, ContextSource contextSource)
{
   LOGGER.atInfo().log("connection pooling enabled: {}", ldapServerConfig.isConnectionPooling());
   return ldapServerConfig.isConnectionPooling() ? new LdapTemplate(pooledContextSource) : new LdapTemplate(contextSource);
}

private ResponseEntity<ILdapResponse> authenticate(String username)
{
  ResponseEntity<ILdapResponse> responseEntity;
  ILdapResponse ldapResponse;
  try
  {
    User user = userRepository.findUserByUsername(username);

Also, I tried connecting to a test server, and it works fine and connects successfully. Below are the test server details:

ldap.server.url=ldap://ldap.forumsys.com:389/
ldap.server.baseDn=dc=example,dc=com
ldap.server.username=cn=read-only-admin,dc=example,dc=com
ldap.server.password=password

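Also, I tried connecting with the LDAP console and connected to the PROD environment successfully. I don't know what I am missing in the client, since I cannot connect. Please guide me if I am missing anything. Thanks in advance.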

ldapsearch -d 3 -x -h <url> -p 389 -D <DN/username> -W -b <base dn> cn

Tags: spring, spring-data, spring-ldap, spring-data-ldap
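
In Spring LDAP, setAnonymousReadOnly(true) makes read-only operations such as findOne run on an anonymous context, and Active Directory answers a search on an unbound connection with the 000004DC error quoted in the question. The following is an added example, not code from the original post: it forces authenticated read-only contexts and verifies the bind at startup. The class name and environment variable names are assumptions, and it assumes isReadOnlyConnection() returns true in the failing environment.

```java
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;

import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.support.LdapUtils;

// Hypothetical class name; requires spring-ldap-core on the classpath.
public class AuthenticatedReadCheck {

    /** Builds a context source whose read-only contexts bind as the service account. */
    static LdapContextSource authenticatedSource(String url, String baseDn,
                                                 String userDn, String password) {
        LdapContextSource cs = new LdapContextSource();
        cs.setUrl(url);
        cs.setBase(baseDn);
        cs.setUserDn(userDn);
        cs.setPassword(password);
        cs.setAnonymousReadOnly(false); // with true, searches run on an anonymous context
        cs.afterPropertiesSet();        // needed when the object is not a Spring-managed bean
        return cs;
    }

    /** Runs a base-scope search so a missing or rejected bind fails at startup. */
    static void verifyBind(LdapContextSource cs) throws NamingException {
        DirContext ctx = cs.getReadOnlyContext();
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.OBJECT_SCOPE);
            // Empty name is relative to the configured base DN.
            ctx.search("", "(objectClass=*)", sc).close();
        } finally {
            LdapUtils.closeContext(ctx);
        }
    }

    public static void main(String[] args) throws NamingException {
        // Assumed environment variable names; supply the real server details here.
        LdapContextSource cs = authenticatedSource(
                System.getenv("LDAP_URL"), System.getenv("LDAP_BASE_DN"),
                System.getenv("LDAP_BIND_DN"), System.getenv("LDAP_BIND_PASSWORD"));
        verifyBind(cs);
        System.out.println("bind verified");
    }
}
```

A directory that permits anonymous reads passes this check either way, which would explain why a configuration can work against a test server and fail against Active Directory.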
