Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
862 views
in Technique[技术] by (71.8m points)

spring-boot - 使用@service类中的LDAP服务器(已配置)对用户进行身份验证(Authenticate User using LDAP server (configured) from @service class)

I am using spring boot rest URL "/login" for user login and hitting this URL from front end with user credentials.

(我正在使用spring boot rest URL“ / login”进行用户登录,并使用用户凭据从前端访问此URL。)

My spring boot service congiured with LDAP server and is is authenticating all desired requests before showing any result.

(我的spring boot服务与LDAP服务器配置在一起,并且在显示任何结果之前正在对所有所需的请求进行身份验证。)

But now, I want to it authenticate user without showing another login page because as I am sending user credentials from front end itself.

(但是现在,我希望它在不显示其他登录页面的情况下对用户进行身份验证,因为当我从前端本身发送用户凭据时。)

LDAP Config :

(LDAP配置:)

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
            .formLogin();
    }

Controller :

(控制器:)

    @RequestMapping(value = "/login", method = RequestMethod.POST)

    public ResponseEntity<?> authenticateUser(@Valid @ModelAttribute LoginRequest loginRequest, BindingResult result){
        ResponseEntity<?> errorMap = mapValidationErrorService.getMapValidationErrors(result);
        if(errorMap != null) return errorMap;
        String jwt = null;

Inside LoginRequest pojo, i am providig my user credentials.

(在LoginRequest pojo内部,我提供了我的用户凭据。)

All I need is to authenticate these details from ldap server directly without any further redirections.

(我需要做的就是直接从ldap服务器验证这些详细信息,而无需任何进一步的重定向。)

Please provide suggestion/ help.

(请提供建议/帮助。)

Thanks in advance!

(提前致谢!)

  ask by Balram Chauhan translate from so

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Try this

(尝试这个)

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests().
                .antMatchers("/login").permitAll()
                .anyRequest().fullyAuthenticated();
    }

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...