<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
    <bean id="authenticationManager"
          class="org.jasig.cas.authentication.AuthenticationManagerImpl">
        <property name="credentialsToPrincipalResolvers">
            <list>
                <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
                <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
            </list>
        </property>
        <property name="authenticationHandlers">
            <list>
                <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
                      p:httpClient-ref="httpClient" />
                <!-- Test handler, disabled in favour of the LDAP bind handler below. -->
                <!--<bean
                      class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />-->
                <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
                    <!-- %u is replaced with the login name, so the user's entry must carry a uid attribute. -->
                    <property name="filter" value="uid=%u" />
                    <!-- The search base seems to need an ou node. -->
                    <!--<property name="searchBase" value="ou=nsc,dc=nhncdev,dc=com" /> -->
                    <property name="searchBase" value="ou=nsc,dc=nhncdev,dc=com" />
                    <property name="contextSource" ref="contextSource" />
                </bean>
            </list>
        </property>
    </bean>
    <bean id="userDetailsService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
        <property name="userMap">
            <value>
            </value>
        </property>
    </bean>

    <bean id="attributeRepository"
          class="org.jasig.services.persondir.support.StubPersonAttributeDao">
        <property name="backingMap">
            <map>
                <entry key="uid" value="uid" />
                <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
                <entry key="groupMembership" value="groupMembership" />
            </map>
        </property>
    </bean>

    <bean id="serviceRegistryDao"
          class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />

    <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
        <property name="anonymousReadOnly" value="false" />
        <!-- Bind DN and password CAS uses to connect to the directory (stored here in plain text). -->
        <property name="userName" value="cn=zhenyu wang,ou=nsc,dc=nhncdev,dc=com" />
        <property name="password" value="Hello123" />
        <property name="pooled" value="true" />
        <!-- Plain ldap:// on port 389, used with the simple bind configured below. -->
        <property name="urls">
            <list>
                <value>ldap://10.34.114.54:389/</value>
            </list>
        </property>
        <property name="baseEnvironmentProperties">
            <map>
                <entry>
                    <key><value>java.naming.security.authentication</value></key>
                    <value>simple</value>
                </entry>
            </map>
        </property>
    </bean>
</beans>

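Note: In Microsoft Active Directory, create a user node whose account is wangzhenyu and whose cn is "zhenyu wang", and set a login password. At this point, logging in to CAS with the wangzhenyu account fails, because the handler searches with the filter uid=%u and the new entry has no uid attribute. The fix: install Apache Directory Studio and create a connection to Microsoft Active Directory, connecting with the superuser account of the Windows 2003 server that hosts Active Directory. Once connected, find the node CN=zhenyu wang under ou=nsc in the LDAP tree, manually add a uid attribute to that node, and set its value to wangzhenyu. After the attribute has been added, logging in on the CAS login page with the wangzhenyu account and the password set in AD succeeds.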
-- openjweb author (ldap, ad)
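
An added example (not from the original post or the CAS project): a small Python audit of this kind of CAS LDAP configuration. It flags three things visible in the config above: the ldap:// URL, the literal bind password, and the uid=%u filter that the AD entry could not match until a uid was added by hand. The `audit` function, the finding codes, the `${...}` placeholder convention and the `EXAMPLE-PASSWORD` value are assumptions made for the example; the sample XML is constructed from the beans above.

```python
import xml.etree.ElementTree as ET

NS = {"b": "http://www.springframework.org/schema/beans"}
VALUE_TAG = "{%s}value" % NS["b"]

# Constructed sample: the LDAP handler and contextSource beans from the config
# above, trimmed, with a placeholder instead of the real password.
SAMPLE = """<beans xmlns="http://www.springframework.org/schema/beans">
  <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
    <property name="filter" value="uid=%u" />
    <property name="searchBase" value="ou=nsc,dc=nhncdev,dc=com" />
    <property name="contextSource" ref="contextSource" />
  </bean>
  <bean id="contextSource"
        class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
    <property name="userName" value="cn=zhenyu wang,ou=nsc,dc=nhncdev,dc=com" />
    <property name="password" value="EXAMPLE-PASSWORD" />
    <property name="urls"><list><value>ldap://10.34.114.54:389/</value></list></property>
  </bean>
</beans>"""


def audit(xml_text):
    """Return a sorted list of finding codes for a CAS LDAP Spring config."""
    findings = set()
    for bean in ET.fromstring(xml_text).iter("{%s}bean" % NS["b"]):
        for prop in bean.findall("b:property", NS):
            name, value = prop.get("name"), prop.get("value") or ""
            if name in ("url", "urls"):
                # URLs may be a value attribute or nested <list><value> elements.
                urls = [value] + [(v.text or "").strip() for v in prop.iter(VALUE_TAG)]
                if any(u.lower().startswith("ldap://") for u in urls):
                    findings.add("CLEARTEXT_LDAP")      # no TLS on the bind connection
            elif name == "password" and value and not value.startswith("${"):
                findings.add("HARDCODED_PASSWORD")      # literal secret in the XML file
            elif name == "filter" and "%u" in value:
                attr = value.split("=", 1)[0].strip("( ")
                if attr.lower() == "uid":
                    findings.add("FILTER_ON_UID")       # entry needs a populated uid
    return sorted(findings)


if __name__ == "__main__":
    for code in audit(SAMPLE):
        print(code)
```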
