pom.xml: only the LDAP-related part is shown here. The Spring Security version used is 3.1.2.RELEASE.
<properties>
    <apacheDS.version>1.5.5</apacheDS.version>
</properties>
<dependencies>
    <dependency>
        <groupId>ldapsdk</groupId>
        <artifactId>ldapsdk</artifactId>
        <version>4.1</version>
    </dependency>
    <dependency>
        <groupId>org.codehaus.jackson</groupId>
        <artifactId>jackson-mapper-asl</artifactId>
        <version>1.9.12</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-core</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-core-entry</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-protocol-ldap</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-protocol-shared</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.server</groupId>
        <artifactId>apacheds-server-jndi</artifactId>
        <version>${apacheDS.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.directory.shared</groupId>
        <artifactId>shared-ldap</artifactId>
        <version>0.9.15</version>
        <type>jar</type>
    </dependency>
</dependencies>
Spring Security configuration file fragment:
<ldap-server root="dc=springframework,dc=org" ldif="classpath:users.ldif" />
<authentication-manager alias="authenticationManager">
    <ldap-authentication-provider user-search-filter="(uid={0})" user-search-base="ou=Users" group-search-base="ou=Groups" />
</authentication-manager>
The users.ldif file referenced above:
version: 1

dn: ou=Users,dc=springframework,dc=org
objectClass: extensibleObject
objectClass: organizationalUnit
objectClass: top
ou: Users

dn: cn=Sun Yi,ou=Users,dc=springframework,dc=org
objectClass: organizationalPerson
objectClass: person
objectClass: inetOrgPerson
objectClass: top
uid: sunyi
userPassword: admin
cn: Sun Yi

dn: ou=Groups,dc=springframework,dc=org
objectClass: extensibleObject
objectClass: organizationalUnit
objectClass: top
ou: Groups

dn: cn=Admin,ou=Groups,dc=springframework,dc=org
objectClass: groupOfUniqueNames
objectClass: top
uniqueMember: cn=Sun Yi,ou=Users,dc=springframework,dc=org
cn: Admin
With these in place, you can log in via LDAP.
For this example:
Username: sunyi
Password: admin
The granted authority is ROLE_ADMIN.
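An added example, not part of the original post: a small Python check over the users.ldif above that reproduces how this configuration arrives at ROLE_ADMIN and flags userPassword values stored without a hash scheme. It assumes the namespace defaults (group-search-filter (uniqueMember={0}), role attribute cn, ROLE_ prefix with upper-casing); the function names and the simplified scope matching are this example's own.

```python
import base64, re

# Constructed sample: the page's users.ldif reduced to the attributes read here.
LDIF = """\
dn: cn=Sun Yi,ou=Users,dc=springframework,dc=org
uid: sunyi
userPassword: admin
cn: Sun Yi

dn: cn=Admin,ou=Groups,dc=springframework,dc=org
objectClass: groupOfUniqueNames
uniqueMember: cn=Sun Yi,ou=Users,dc=springframework,dc=org
cn: Admin
"""
ROOT = "dc=springframework,dc=org"  # root= on <ldap-server>

def parse_ldif(text):
    """Return one {attribute: [values]} dict per blank-line-separated record."""
    entries = []
    text = text.replace("\n ", "")  # unfold continuation lines
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64>" form
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            entry.setdefault(attr.lower(), []).append(value.strip())
        if "dn" in entry:
            entries.append(entry)
    return entries

def under(entry, base):
    # Assumption: search scope is simplified to "DN ends with ,<base>,<root>".
    return entry["dn"][0].lower().endswith(f",{base},{ROOT}".lower())

def authorities(entries, username):
    """(uid={0}) under ou=Users, then uniqueMember=<user DN> under ou=Groups."""
    users = [e for e in entries if under(e, "ou=Users") and username in e.get("uid", [])]
    if len(users) != 1:  # no match, or an ambiguous one: no authorities
        return []
    dn = users[0]["dn"][0].lower()
    return sorted("ROLE_" + g["cn"][0].upper() for g in entries
                  if under(g, "ou=Groups") and "cn" in g
                  and dn in (m.lower() for m in g.get("uniquemember", [])))

def cleartext_passwords(entries):
    """DNs whose userPassword has no {SCHEME} prefix such as {SSHA}."""
    return [e["dn"][0] for e in entries for p in e.get("userpassword", [])
            if not re.match(r"\{\w+\}", p)]
```

Run against the full users.ldif, `cleartext_passwords` reports the Sun Yi entry, since `userPassword: admin` is stored as plain text.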