我们正在将 Struts 1.3 Web 应用程序迁移到 SpringBoot。我们应用程序的一个功能是识别 Windows AD 用户,然后调用自定义 Web 服务来进行身份验证、分配角色并自动登录应用程序。
在 Struts 中,我们使用 Waffle 通过获取 Java 中 request.getRemoteUser() 的值来识别 Windows AD 登录用户。
对于 Spring Boot,我们做了以下工作
在pom.xml中,我们添加了依赖项
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna</artifactId>
<version>${jna.version}</version>
</dependency>
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna-platform</artifactId>
<version>${jna.version}</version>
</dependency>
<dependency>
<groupId>com.github.waffle</groupId>
<artifactId>waffle-spring-security4</artifactId>
<version>2.2.1</version>
</dependency>
我们有一个 SecurityConfig.java,我们在其中进行了以下更改。请注意,我们不使用基于 Spring 的登录。
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private NegotiateSecurityFilter negotiateSecurityFilter;
@Autowired
private NegotiateSecurityFilterEntryPoint entryPoint;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(negotiateSecurityFilter, BasicAuthenticationFilter.class);
http.httpBasic().disable();
http.csrf().disable().cors();
}
@Override
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication();
}
}
我们在这里维护了Waffle相关的配置——WaffleConfig.java
@Configuration
public class WaffleConfig {
@Bean
public WindowsAuthProviderImpl waffleWindowsAuthProvider() {
return new WindowsAuthProviderImpl();
}
@Bean
public NegotiateSecurityFilterProvider negotiateSecurityFilterProvider(
WindowsAuthProviderImpl windowsAuthProvider) {
return new NegotiateSecurityFilterProvider(windowsAuthProvider);
}
@Bean
public BasicSecurityFilterProvider basicSecurityFilterProvider(WindowsAuthProviderImpl windowsAuthProvider) {
return new BasicSecurityFilterProvider(windowsAuthProvider);
}
@Bean
public SecurityFilterProviderCollection waffleSecurityFilterProviderCollection(
NegotiateSecurityFilterProvider negotiateSecurityFilterProvider,
BasicSecurityFilterProvider basicSecurityFilterProvider) {
SecurityFilterProvider[] securityFilterProviders = {
negotiateSecurityFilterProvider,
basicSecurityFilterProvider };
return new SecurityFilterProviderCollection(securityFilterProviders);
}
@Bean
public NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint(
SecurityFilterProviderCollection securityFilterProviderCollection) {
NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint = new NegotiateSecurityFilterEntryPoint();
negotiateSecurityFilterEntryPoint.setProvider(securityFilterProviderCollection);
return negotiateSecurityFilterEntryPoint;
}
@Bean
public NegotiateSecurityFilter waffleNegotiateSecurityFilter(SecurityFilterProviderCollection securityFilterProviderCollection) {
NegotiateSecurityFilter negotiateSecurityFilter = new NegotiateSecurityFilter();
negotiateSecurityFilter.setProvider(securityFilterProviderCollection);
return negotiateSecurityFilter;
}
// This is required for Spring Boot so it does not register the same filter twice
@Bean
public FilterRegistrationBean waffleNegotiateSecurityFilterRegistration(NegotiateSecurityFilter waffleNegotiateSecurityFilter) {
FilterRegistrationBean registrationBean = new FilterRegistrationBean();
registrationBean.setFilter(waffleNegotiateSecurityFilter);
registrationBean.setEnabled(false);
return registrationBean;
}
}
但是,当我们尝试获取request.getRemoteUser()的值时,该值为null
对于这样一个看似简单的需求,我们做错了什么?
最佳答案
我按照此处的配置解决了这个问题
https://github.com/Waffle/waffle/tree/master/Source/JNA/waffle-demo/waffle-spring-boot-filter2
在pom.xml中,我们添加了依赖项
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna</artifactId>
<version>${jna.version}</version>
</dependency>
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna-platform</artifactId>
<version>${jna.version}</version>
</dependency>
<dependency>
<groupId>com.github.waffle</groupId>
<artifactId>waffle-spring-boot-starter</artifactId>
<version>2.2.1</version>
</dependency>
在SecurityConfig.java中进行以下更改
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private NegotiateSecurityFilter filter;
private NegotiateSecurityFilterEntryPoint entryPoint;
/**
* Autowire constructor injects bean auto-configured by Starter.
*
* @param filter
* the filter
* @param entryPoint
* the entry point
*/
public SecurityConfig(NegotiateSecurityFilter filter, NegotiateSecurityFilterEntryPoint entryPoint) {
this.filter = filter;
this.entryPoint = entryPoint;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and()
.addFilterBefore(filter, BasicAuthenticationFilter.class).exceptionHandling()
.authenticationEntryPoint(entryPoint);
}
}
关于java - 识别 Windows AD 远程用户 Spring Boot + Waffle,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/61244971/