英文:
Multiple Authentification using jdbcAuthentification and AD authentification
问题
我再次需要您的帮助。我需要通过JDBC或AD对我的应用进行身份验证,但它必须同时适用于两种方式。例如,当我尝试使用JDBC用户进行身份验证时,我的程序必须与数据库中的用户连接,但当我使用AD登录时,它必须与AD用户连接。
以下是我的代码,但是当我按照下面的顺序(1)连接到JDBC时,我只能连接到JDBC,而当我有代码来创建authentificationProvider时,我只能在使用AD登录时登录。
@Configuration@EnableWebSecuritypublic class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {@Autowiredprivate ClientDetailsService clientDetailsService;@Autowiredprivate DataSource primaryDataSource;// @Autowired// private AuthenticationProvider authenticationProvider;// @Autowired// private AuthenticationProvider authenticationProviderAD;@Value("${security.authentication.provider}")private String authProvider;@Value("${ad.domain:#{null}}")private String adDomain;// TODO 将系统类似的配置转移到Java中,并且不再使用系统类似的配置,使其变为可选@Value("${ad.url:#{null}}")private String adUrl;@Override@Order(1)protected void configure(AuthenticationManagerBuilder auth) throws Exception {RecursiveAdProvider adProvider = new RecursiveAdProvider(adDomain, adUrl);adProvider.setConvertSubErrorCodesToExceptions(true);adProvider.setUseAuthenticationRequestCredentials(true);auth.authenticationProvider(adProvider);auth.eraseCredentials(false);}@Order(2)protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {auth.jdbcAuthentication().dataSource(primaryDataSource).usersByUsernameQuery("select username, password, enabled from users where username=?").authoritiesByUsernameQuery("select username, authority from user_authority JOIN authorities ON user_authority.authority_id = authorities.id where username=?").passwordEncoder(new BCryptPasswordEncoder());}@Overrideprotected void configure(HttpSecurity http) throws Exception {http.csrf().disable().anonymous().disable().authorizeRequests().antMatchers("/oauth/token").permitAll();}@Override@Beanpublic AuthenticationManager authenticationManagerBean() throws Exception {return super.authenticationManagerBean();}@Beanpublic TokenStore tokenStore() {return new InMemoryTokenStore();}@Bean@Autowiredpublic TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore) {TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler();handler.setTokenStore(tokenStore);handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));handler.setClientDetailsService(clientDetailsService);return handler;}@Bean@Autowiredpublic ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {TokenApprovalStore store = new TokenApprovalStore();store.setTokenStore(tokenStore);return store;}}
您能帮助我吗?
英文:
I need your help again. I need to authentificate to my app by JDBC or AD, but it must work all. For example, when I try to authentificate using JDBC user, my program has to connect with user from database, but when i put there AD login, it has to connect with AD user.
Here is my code, but when I have below order(1) code to connect to JDBC , I Can connect ONLY with JDBC and when i have there code to create authentificationProvider i can sign in just when i am using AD login.
@Configuration@EnableWebSecuritypublic class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {@Autowiredprivate ClientDetailsService clientDetailsService;@Autowiredprivate DataSource primaryDataSource;// @Autowired// private AuthenticationProvider authenticationProvider;// @Autowired// private AuthenticationProvider authenticationProviderAD;@Value("${security.authentication.provider}")private String authProvider;@Value("${ad.domain:#{null}}")private String adDomain;// TODO shift system like configuration into java, and no system like// configuration make it optional@Value("${ad.url:#{null}}")private String adUrl;@Override@Order(1)protected void configure(AuthenticationManagerBuilder auth) throws Exception {RecursiveAdProvider adProvider = new RecursiveAdProvider(adDomain, adUrl);adProvider.setConvertSubErrorCodesToExceptions(true);adProvider.setUseAuthenticationRequestCredentials(true);auth.authenticationProvider(adProvider);auth.eraseCredentials(false);}@Order(2)protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {auth.jdbcAuthentication().dataSource(primaryDataSource).usersByUsernameQuery("select username, password, enabled from users where username=?").authoritiesByUsernameQuery("select username, authority from user_authority JOIN authorities ON user_authority.authority_id = authorities.id where username=?").passwordEncoder(new BCryptPasswordEncoder());}@Overrideprotected void configure(HttpSecurity http) throws Exception {http.csrf().disable().anonymous().disable().authorizeRequests().antMatchers("/oauth/token").permitAll();}@Override@Beanpublic AuthenticationManager authenticationManagerBean() throws Exception {return super.authenticationManagerBean();}@Beanpublic TokenStore tokenStore() {return new InMemoryTokenStore();}@Bean@Autowiredpublic TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore) {TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler();handler.setTokenStore(tokenStore);handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));handler.setClientDetailsService(clientDetailsService);return handler;}@Bean@Autowiredpublic ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {TokenApprovalStore store = new TokenApprovalStore();store.setTokenStore(tokenStore);return store;}}
Can you help me?
专注分享java语言的经验与见解,让所有开发者获益!
评论