SPRING IN ACTION 第4版笔记-第九章Securing web applications-005-Applying LDAP-backed authentication

一、

1.This method is the  LDAP analog to  jdbcAuthentication() 

@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
    auth
        .ldapAuthentication()
        .userSearchFilter("(uid={0})")
        .groupSearchFilter("member={0}");
}

The userSearchFilter() and groupSearchFilter() methods are used to provide a filter for the base LDAP queries, which are used to search for users and groups. By default, the base queries for both users and groups are empty, indicating that the search will be done from the root of the LDAP hierarchy. But you can change that by specifying a query base:

@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
    auth
        .ldapAuthentication()
        .userSearchBase("ou=people")
        .userSearchFilter("(uid={0})")
        .groupSearchBase("ou=groups")
        .groupSearchFilter("member={0}");
}

The userSearchBase() method provides a base query for finding users. Likewise, the groupSearchBase() specifies the base query for finding groups. Rather than search from the root, this example specifies that users be searched for where the organization unit is people . And groups should be searched for where the organizational unit is groups .