http://lengyun3566.iteye.com/blog/1358310
http://www.zytrax.com/books/ldap/ch5/index.html#step1-ldif
http://krams915.blogspot.hk/2011/01/spring-security-mvc-using-embedded-ldap.html
http://static.springsource.org/spring-security/site/docs/3.2.x/reference/ldap.html
pom.xml (only the LDAP-related part is shown here). The Spring Security version used is 3.1.2.RELEASE.
<properties>
    <apacheDS.version>1.5.5</apacheDS.version>
</properties>

<dependencies>
    <dependency>
        <groupId>ldapsdk</groupId>
        <artifactId>ldapsdk</artifactId>
        <version>4.1</version>
    </dependency>
    <dependency>
        <groupId>org.codehaus.jackson</groupId>
        <artifactId>jackson-mapper-asl</artifactId>
        <version>1.9.12</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-core</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-core-entry</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-protocol-ldap</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-protocol-shared</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-server-jndi</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.shared</groupId>
        <artifactId>shared-ldap</artifactId>
        <version>0.9.15</version>
        <type>jar</type>
    </dependency>
</dependencies>
Spring Security configuration file fragment
<ldap-server root="dc=springframework,dc=org" ldif="classpath:users.ldif" />

<authentication-manager alias="authenticationManager">
    <ldap-authentication-provider
        user-search-filter="(uid={0})"
        user-search-base="ou=Users"
        group-search-base="ou=Groups" />
</authentication-manager>
The users.ldif file referenced in the configuration above
version: 1

dn: ou=Users,dc=springframework,dc=org
objectClass: extensibleObject
objectClass: organizationalUnit
objectClass: top
ou: Users

dn: cn=Sun Yi,ou=Users,dc=springframework,dc=org
objectClass: organizationalPerson
objectClass: person
objectClass: inetOrgPerson
objectClass: top
uid: sunyi
userPassword: admin
cn: Sun Yi

dn: ou=Groups,dc=springframework,dc=org
objectClass: extensibleObject
objectClass: organizationalUnit
objectClass: top
ou: Groups

dn: cn=Admin,ou=Groups,dc=springframework,dc=org
objectClass: groupOfUniqueNames
objectClass: top
uniqueMember: cn=Sun Yi,ou=Users,dc=springframework,dc=org
cn: Admin
With these pieces in place, you can log in through LDAP.
For this example:
Username: sunyi
Password: admin
The granted authority is ROLE_ADMIN.
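The following added example (not code from the original post or from Spring Security) models how the configuration above turns the `cn=Admin` group into `ROLE_ADMIN`, and flags `userPassword` values stored without a hash scheme, which is worth checking before an LDIF like this is reused outside a demo. The function names are hypothetical, the embedded LDIF is a trimmed copy of the two relevant entries, and the mapping assumes the provider's defaults: group filter `(uniqueMember={0})`, role attribute `cn`, upper-casing, and prefix `ROLE_`.

```python
import base64, re
# Trimmed copy of the page's users.ldif (user and group entries only), embedded for offline use.
USERS_LDIF = """\
dn: cn=Sun Yi,ou=Users,dc=springframework,dc=org
objectClass: inetOrgPerson
uid: sunyi
userPassword: admin
cn: Sun Yi

dn: cn=Admin,ou=Groups,dc=springframework,dc=org
objectClass: groupOfUniqueNames
uniqueMember: cn=Sun Yi,ou=Users,dc=springframework,dc=org
cn: Admin
"""

def parse_ldif(text):
    """Parse unfolded LDIF into dicts of lower-cased attribute name -> list of values."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.splitlines():
            name, sep, value = line.partition(":")
            if line.startswith("#") or not sep:
                continue
            value = value.strip()
            if value.startswith(":"):  # "attr:: <base64>" form
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            entry.setdefault(name.strip().lower(), []).append(value)
        if "dn" in entry:  # skips the "version: 1" header block
            entries.append(entry)
    return entries

def authorities_for(uid, entries, group_base="ou=Groups", prefix="ROLE_"):
    """Model of the assumed defaults: direct children of group_base listing the user's DN."""
    user_dns = {e["dn"][0].lower() for e in entries if uid in e.get("uid", [])}
    roles = set()
    for e in entries:
        parent = e["dn"][0].lower().partition(",")[2]  # DN without its first RDN
        members = {m.lower() for m in e.get("uniquemember", [])}
        if parent.startswith(group_base.lower() + ",") and user_dns & members:
            roles.update(prefix + cn.upper() for cn in e.get("cn", []))
    return sorted(roles)

def cleartext_password_uids(entries):
    """uids whose userPassword lacks a {SCHEME} prefix, i.e. is stored as plain text."""
    return sorted(uid for e in entries for uid in e.get("uid", [])
                  if any(not p.startswith("{") for p in e.get("userpassword", [])))

if __name__ == "__main__":
    print(authorities_for("sunyi", parse_ldif(USERS_LDIF)))
```

DN matching here is a case-insensitive string comparison, so escaped commas and folded LDIF lines are outside what this model handles.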