java调用ldap

配置yml

# Spring LDAP connection settings; the Parameters bean reads these keys through @Value.
spring:
  ldap:
    # ldap:// on port 389 is unencrypted, and the Java code binds with "simple"
    # authentication, so the bind DN and password cross the network in clear text.
    # Prefer ldaps:// or StartTLS anywhere outside an isolated lab.
    urls: ldap://172.xx.xx.xxx:389/
    # Search base; the code appends it to the URL to build the JNDI provider URL.
    base: cn=users,dc=node3,dc=com
    # Bind DN used for directory lookups (an administrator account in this example).
    username: cn=admin,dc=node3,dc=com
    # Sample value only. Supply the real bind password from an environment variable or a
    # secret store rather than committing it to the configuration file.
    password: 123456

我这边采用的是openldap

urls:LDAP 服务部署的地址。LDAP 默认端口是 389(明文传输);生产环境建议改用 ldaps://(默认端口 636)或 StartTLS,否则绑定时的账号和密码会以明文在网络上传输。

base: cn=users,dc=node3,dc=com  解释:要操作dc=node3,dc=com下面的cn=users的文件夹下的数据,如下图所示:

username: cn=admin,dc=node3,dc=com 解释:cn=admin 是登录账号,dc=node3,dc=com 是该账号所在的目录,也就是用 admin 账号登录后操作 dc=node3,dc=com 这个目录。

password: 123456 解释:admin 的密码(此处为示例值;实际环境不要使用弱口令,也不要把密码明文写进配置文件,应通过环境变量或密钥管理服务注入)。

映射yml中的配置项

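/**
 * Holds the LDAP connection settings bound from the {@code spring.ldap.*} properties.
 *
 * <p>The fields stay public and keep their names because callers read them directly
 * (for example {@code parameters.URL}).
 *
 * <p>{@code toString()} is written by hand so that it leaves out the bind password.
 * Assuming {@code @Data} is Lombok's annotation (the import is not shown), the generated
 * {@code toString()} would print every field, so logging this bean would leak the
 * password. Lombok does not generate a method that already exists in the class.
 */
@Component
@Data
public class Parameters {

    /** LDAP server URL, from {@code spring.ldap.urls}. */
    @Value("${spring.ldap.urls}")
    public  String URL;

    /** Base DN that searches run under, from {@code spring.ldap.base}. */
    @Value("${spring.ldap.base}")
    public  String BASEDN;

    /** Bind DN used to connect, from {@code spring.ldap.username}. */
    @Value("${spring.ldap.username}")
    public  String username;

    /** Bind password, from {@code spring.ldap.password}. Never log this value. */
    @Value("${spring.ldap.password}")
    public  String password;

    /**
     * Describes the settings without the bind password.
     *
     * @return a string listing the URL, base DN and bind DN only
     */
    @Override
    public String toString() {
        return "Parameters(URL=" + URL + ", BASEDN=" + BASEDN + ", username=" + username + ")";
    }
}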

编写工具类

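/**
 * JNDI-based helper that looks up, authenticates and lists users in the LDAP directory
 * described by {@link Parameters}.
 *
 * <p>Every operation works on its own {@link LdapContext}. A Spring {@code @Component} is a
 * singleton by default, so keeping one context in an instance field would let concurrent
 * requests overwrite, rebind or close each other's connection.
 */
@Component
public class LdapTool {

    @Autowired
    private Parameters parameters;

    private final String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";

    // No LDAP request controls are sent when a connection is opened.
    private final Control[] connCtls = null;

    /**
     * Opens a connection bound as the configured administrator account.
     *
     * <p>The caller owns the returned context and is responsible for closing it
     * ({@link #readLdap(LdapContext)} closes the context it is given).
     *
     * @return a bound context, or {@code null} when the connection or the bind fails
     */
    public LdapContext  LDAP_connect() {
        try {
            LdapContext adminCtx = openContext(parameters.username, parameters.password);
            System.out.println( "连接成功" );
            return adminCtx;
        } catch (javax.naming.AuthenticationException e) {
            System.out.println("连接失败:");
            e.printStackTrace();
        } catch (Exception e) {
            System.out.println("连接出错:"+e.getMessage());
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Opens a new context and binds it with the given DN and password.
     *
     * @param principal   DN to bind as
     * @param credentials password for that DN
     * @return the bound context
     * @throws NamingException if the server cannot be reached or rejects the bind
     */
    private LdapContext openContext(String principal, String credentials) throws NamingException {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, parameters.URL + parameters.BASEDN);
        // A simple bind sends the DN and password as they are; they are only protected on
        // the wire when the configured URL uses ldaps:// or the connection runs over TLS.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, credentials);
        return new InitialLdapContext(env, connCtls);
    }

    /** Closes a context, reporting but not propagating a failure to close. */
    private static void closeContext(Context context) {
        if (context != null) {
            try {
                context.close();
            } catch (NamingException e) {
                e.printStackTrace();
            }
        }
    }

    /** Closes a search result enumeration, reporting but not propagating a failure. */
    private static void closeEnumeration(NamingEnumeration<?> results) {
        if (results != null) {
            try {
                results.close();
            } catch (NamingException e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Resolves the DN of the single entry whose {@code uidNumber} equals {@code uid}.
     *
     * @param uid value to match against {@code uidNumber}; treated as untrusted input
     * @return the entry's full DN, or an empty string when no entry matches, when more than
     *         one entry matches, or when the lookup fails
     */
    public String getUserDN(String uid) {
        if (uid == null || uid.isEmpty()) {
            System.out.println("未找到该用户");
            return "";
        }
        LdapContext adminCtx = LDAP_connect();
        if (adminCtx == null) {
            return "";
        }
        NamingEnumeration<SearchResult> en = null;
        try {
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // Only the DN is needed, so ask the server for no attributes.
            constraints.setReturningAttributes(new String[0]);

            // The value goes in as a filter argument, which JNDI escapes. Concatenating it
            // into the filter string would let characters such as '*', '(' and ')' in the
            // request rewrite the search filter (LDAP injection).
            en = adminCtx.search("", "(uidNumber={0})", new Object[] {uid}, constraints);

            if (en == null || !en.hasMore()) {
                System.out.println("未找到该用户");
                return "";
            }
            SearchResult match = en.next();
            if (en.hasMore()) {
                // An ambiguous match must not be turned into a DN to authenticate against.
                System.out.println("找到多个匹配用户,拒绝返回DN");
                return "";
            }
            return match.getNameInNamespace();
        } catch (NamingException | RuntimeException e) {
            System.out.println("查找用户时产生异常。");
            e.printStackTrace();
            return "";
        } finally {
            closeEnumeration(en);
            closeContext(adminCtx);
        }
    }

    /**
     * Verifies a user's password by binding to the directory as that user.
     *
     * <p>Empty credentials and unresolved users are rejected before any bind is attempted.
     * RFC 4513 defines a simple bind with a zero-length password as an unauthenticated bind,
     * which a server may answer with success, so passing such a request through would report
     * a login that never checked a password.
     *
     * @param UID      value matched against {@code uidNumber} to find the user
     * @param password password supplied by the user
     * @return {@code true} only when the directory accepts the bind for the resolved DN
     */
    public boolean authenricate(String UID, String password) {
        if (UID == null || UID.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        String userDN = getUserDN(UID);
        if (userDN.isEmpty()) {
            // No DN means an anonymous bind; never treat that as a successful login.
            return false;
        }

        LdapContext userCtx = null;
        try {
            userCtx = openContext(userDN, password);
            System.out.println(userDN + " 验证通过");
            return true;
        } catch (AuthenticationException e) {
            System.out.println(userDN + " 验证失败");
            System.out.println(e.toString());
            return false;
        } catch (NamingException e) {
            System.out.println(userDN + " 验证失败");
            return false;
        } finally {
            closeContext(userCtx);
        }
    }

    /**
     * Lists the directory entries that have a {@code uid} attribute.
     *
     * <p>NOTE(review): the result includes the {@code userPassword} attribute (normally a
     * password hash). Callers should drop it before the objects leave the service, and the
     * bind account should not need read access to it for a listing.
     *
     * @param ctx bound context to search with; it is closed before this method returns
     * @return the users found so far; empty when {@code ctx} is {@code null} or the search fails
     */
    public List<LdapUser> readLdap(LdapContext ctx){
        List<LdapUser> users = new ArrayList<LdapUser>();
        if (ctx == null) {
            return users;
        }
        NamingEnumeration<SearchResult> answer = null;
        try {
            // Match every entry that carries a uid attribute.
            String filter = "(&(objectClass=*)(uid=*))";
            String[] attrPersonArray = { "uid", "userPassword", "displayName", "cn", "sn", "mail", "description","uidNumber","gidNumber" };
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            searchControls.setReturningAttributes(attrPersonArray);
            // Arguments: name of the context to search, the filter, the search controls.
            answer = ctx.search("", filter, searchControls);
            while (answer.hasMore()) {
                LdapUser user = toLdapUser(answer.next());
                if (user.getUid() != null) {
                    users.add(user);
                }
            }
        } catch (Exception e) {
            System.out.println("获取用户信息异常:");
            e.printStackTrace();
        } finally {
            closeEnumeration(answer);
            // Close the context that was passed in, not a field shared with other requests.
            closeContext(ctx);
        }

        return users;
    }

    /** Copies the requested attributes of one search result into an {@code LdapUser}. */
    private static LdapUser toLdapUser(SearchResult result) throws NamingException {
        LdapUser user = new LdapUser();
        NamingEnumeration<? extends Attribute> attrs = result.getAttributes().getAll();
        while (attrs.hasMore()) {
            Attribute attr = attrs.next();
            switch (attr.getID()) {
                case "userPassword":
                    user.setUserPassword(decodePassword(attr.get()));
                    break;
                case "uid":
                    user.setUid(attr.get().toString());
                    break;
                case "displayName":
                    user.setDisplayName(attr.get().toString());
                    break;
                case "cn":
                    user.setCn(attr.get().toString());
                    break;
                case "sn":
                    user.setSn(attr.get().toString());
                    break;
                case "mail":
                    user.setMail(attr.get().toString());
                    break;
                case "description":
                    user.setDescription(attr.get().toString());
                    break;
                case "uidNumber":
                    user.setUidNumber(attr.get().toString());
                    break;
                case "gidNumber":
                    user.setGidNumber(attr.get().toString());
                    break;
                default:
                    break;
            }
        }
        return user;
    }

    /**
     * Converts a {@code userPassword} value to text. The value is decoded as UTF-8 instead of
     * the platform charset, and a value that is not a byte array no longer aborts the listing
     * with a {@code ClassCastException}.
     */
    private static String decodePassword(Object value) {
        if (value instanceof byte[]) {
            return new String((byte[]) value, java.nio.charset.StandardCharsets.UTF_8);
        }
        return value == null ? null : value.toString();
    }

}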

controller层调用

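/**
 * REST endpoints for LDAP login and user listing, backed by {@code LdapTool}.
 */
@RestController
public class Mac {

    @Autowired
    LdapTool ldapTool;

    /**
     * Checks a user name and password against the directory.
     *
     * <p>NOTE(review): the password arrives as a GET query parameter, so it ends up in access
     * logs, proxy logs and browser history. Accepting it in a POST body over HTTPS would
     * change the endpoint contract, so the mapping is left as it is and flagged here.
     * No attempt limiting is visible in this class either; confirm it is enforced elsewhere.
     *
     * @param userName value matched against {@code uidNumber} by {@code LdapTool}
     * @param password password supplied by the user
     * @return a message saying whether the login succeeded, failed, or LDAP was unreachable
     */
    @GetMapping("/long")
    public String gerMessge(@RequestParam("userName") String userName,@RequestParam("password") String password){
        // This connection only proves the directory is reachable; close it straight away
        // instead of leaving it open for the rest of the request.
        LdapContext probe = ldapTool.LDAP_connect();
        if (probe == null) {
            return "LDAP服务调用失败";
        }
        try {
            probe.close();
        } catch (javax.naming.NamingException ignored) {
            // The probe has served its purpose; a failed close does not affect the login.
        }
        return ldapTool.authenricate(userName, password) ? "登录成功" : "登录失败";
    }

    /**
     * Lists the directory users.
     *
     * <p>The {@code userPassword} value is cleared before the list is returned, so password
     * hashes are not serialised into the HTTP response.
     *
     * <p>NOTE(review): no authentication or authorisation check is visible on this endpoint;
     * confirm that a security filter restricts who may enumerate users.
     *
     * @return the users read from the directory, without their password attribute
     */
    @GetMapping("getUserAll")
    public List<LdapUser> getUser(){
        LdapContext ldapContext = ldapTool.LDAP_connect();
        List<LdapUser> ldapUsers = ldapTool.readLdap(ldapContext);
        for (LdapUser user : ldapUsers) {
            user.setUserPassword(null);
        }
        return ldapUsers;
    }

}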

LDAP(Lightweight Directory Access Protocol)是一种轻量级目录访问协议,旨在提供对目录服务的快速访问。在Java中,可以通过使用JNDI(Java Naming and Directory Interface)API来操作LDAP。 下面是一些Java操作LDAP的常见步骤和示例代码: 1.创建连接对象 ``` Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://localhost:389"); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, "cn=admin,dc=example,dc=com"); env.put(Context.SECURITY_CREDENTIALS, "password"); DirContext ctx = new InitialDirContext(env); ``` 2.查询数据 ``` String base = "ou=people,dc=example,dc=com"; String filter = "(objectclass=person)"; SearchControls sc = new SearchControls(); sc.setSearchScope(SearchControls.SUBTREE_SCOPE); NamingEnumeration<SearchResult> results = ctx.search(base, filter, sc); while (results.hasMore()) { SearchResult sr = (SearchResult) results.next(); // 处理查询结果 } ``` 3.添加数据 ``` Attributes attrs = new BasicAttributes(); attrs.put("cn", "John Smith"); attrs.put("sn", "Smith"); attrs.put("givenName", "John"); attrs.put("mail", "[email protected]"); attrs.put("userPassword", "password"); ctx.createSubcontext("cn=John Smith,ou=people,dc=example,dc=com", attrs); ``` 4.修改数据 ``` ModificationItem[] mods = new ModificationItem[1]; mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("mail", "[email protected]")); ctx.modifyAttributes("cn=John Smith,ou=people,dc=example,dc=com", mods); ``` 5.删除数据 ``` ctx.destroySubcontext("cn=John Smith,ou=people,dc=example,dc=com"); ``` 这些是Java操作LDAP的一些基本步骤和示例代码,但实际应用中还需要考虑LDAP服务器的具体配置和授权等问题。
