更新时间:2023-11-30 23:42:22
ActiveDirectoryLdapAuthenticationProvider 不使用 LdapAuthoritiesPopulator
(检查构造函数的 API).
ActiveDirectoryLdapAuthenticationProvider doesn't use an LdapAuthoritiesPopulator
(check the API for the constructor).
您可以使用委托模型,在返回包含它们的新令牌之前,您可以在其中包装提供者并单独加载权限:
You can use a delegation model, where you wrap the provider and load the authorities separately, before returning a new token containing them:
public class MyAuthoritySupplementingProvider implements AuthenticationProvider {
private AuthenticationProvider delegate;
public MyAuthoritySupplementingProvider(AuthenticationProvider delegate) {
this.delegate = delegate;
}
public Authentication authenticate(Authentication authentication) {
final Authentication a = delegate.authenticate(authentication);
// Load additional authorities and create an Authentication object
final List<GrantedAuthority> authorities = loadRolesFromDatabaseHere(a.getName());
return new AbstractAuthenticationToken(authorities) {
public Object getCredentials() {
throw new UnsupportedOperationException();
}
public Object getPrincipal() {
return a.getPrincipal();
}
};
}
@Override
public boolean supports(Class<?> authentication) {
return delegate.supports(authentication);
}
}
这门课是最终的,主要是因为我对 Active Directory 有相当基本的了解,以及人们想要使用它的不同方式.
The class is final mainly due to my rather basic knowledge of Active Directory and the different ways people would want to use it.