1、添加支持的jar包
spring-ldap-core-2.0.2.RELEASE.jar
2、spring中配置
<!-- Connection settings shared by every operation issued through the LdapTemplate declared below. -->
<!-- NOTE(review): the ldap:// scheme is an unencrypted transport, so the bind password and all directory data travel in clear text unless StartTLS is configured separately. Prefer ldaps:// or StartTLS outside a local test setup. -->
<!-- NOTE(review): uid=admin,ou=system with password "secret" on port 10389 looks like the stock ApacheDS administrator login (confirm). Keep real credentials out of this file, for example via a property placeholder fed from the environment or a secret store, and bind with a least-privileged service account instead of the directory administrator. -->
<bean id="contextSourceTarget" class="org.springframework.ldap.core.support.LdapContextSource">
<property name="url" value="ldap://localhost:10389" />
<property name="base" value="dc=ngcc,dc=com" />
<property name="userDn" value="uid=admin,ou=system" />
<property name="password" value="secret" />
</bean>
<!-- Wraps the target context source in Spring LDAP's transaction-aware proxy. No transaction manager bean is declared in this snippet. -->
<bean id="contextSource"
class="org.springframework.ldap.transaction.compensating.manager.TransactionAwareContextSourceProxy">
<constructor-arg ref="contextSourceTarget" />
</bean>
<!-- The template that application code injects; it is registered under the id "ldapTemplate". -->
<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
<constructor-arg ref="contextSource" />
</bean>
可以使用多数据源:多数据源配置只需复制上面的配置信息并修改bean的id即可,在注解引用的时候,标明使用的是哪个ldap的bean。
3、创建实体bean
package com.bean.ldap;
import java.util.ArrayList;
import com.model.BaseModel;
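/**
 * Mutable data holder for one LDAP entry.
 *
 * <p>Single-valued fields carry one attribute value each; {@code cns} and
 * {@code descriptions} carry every value of the multi-valued {@code cn} and
 * {@code description} attributes. {@code cn}, {@code childCn} and
 * {@code grandson} are the name components the DAO on this page uses to build
 * an entry's DN.
 */
public class UserBean extends BaseModel {

    private String cn;
    private String oldCn;
    // All values of the cn attribute. Typed as String (the original was a raw
    // ArrayList) so a non-String element cannot slip in unnoticed.
    private ArrayList<String> cns;
    private String childCn;
    private String sn;
    private String grandson;
    private String uid;
    // NOTE(review): the mapper and DAO shown with this class never read or write
    // this field. If it is ever populated, keep it out of logs, toString()
    // output and any serialized response.
    private String userPassword;
    private String description;
    // All values of the description attribute.
    private ArrayList<String> descriptions;
    private String ou;
    private String st;

    /** @return the {@code st} attribute value, or {@code null} if unset */
    public String getSt() {
        return st;
    }

    /** @param st the {@code st} attribute value */
    public void setSt(String st) {
        this.st = st;
    }

    /** @return every {@code description} value, or {@code null} if unset */
    public ArrayList<String> getDescriptions() {
        return descriptions;
    }

    /** @param descriptions every {@code description} value; stored by reference */
    public void setDescriptions(ArrayList<String> descriptions) {
        this.descriptions = descriptions;
    }

    /** @return the single {@code description} value, or {@code null} if unset */
    public String getDescription() {
        return description;
    }

    /** @param description the single {@code description} value */
    public void setDescription(String description) {
        this.description = description;
    }

    /** @return the {@code cn} value, or {@code null} if unset */
    public String getCn() {
        return cn;
    }

    /** @param cn the {@code cn} value */
    public void setCn(String cn) {
        this.cn = cn;
    }

    /** @return the {@code sn} value, or {@code null} if unset */
    public String getSn() {
        return sn;
    }

    /** @param sn the {@code sn} value */
    public void setSn(String sn) {
        this.sn = sn;
    }

    /** @return the {@code uid} value, or {@code null} if unset */
    public String getUid() {
        return uid;
    }

    /** @param uid the {@code uid} value */
    public void setUid(String uid) {
        this.uid = uid;
    }

    /** @return the stored password value, or {@code null} if unset */
    public String getUserPassword() {
        return userPassword;
    }

    /** @param userPassword the password value to hold */
    public void setUserPassword(String userPassword) {
        this.userPassword = userPassword;
    }

    /** @return the cn of the child entry, or {@code null} if unset */
    public String getChildCn() {
        return childCn;
    }

    /** @param childCn the cn of the child entry */
    public void setChildCn(String childCn) {
        this.childCn = childCn;
    }

    /** @return the {@code ou} value, or {@code null} if unset */
    public String getOu() {
        return ou;
    }

    /** @param ou the {@code ou} value */
    public void setOu(String ou) {
        this.ou = ou;
    }

    /** @return every {@code cn} value, or {@code null} if unset */
    public ArrayList<String> getCns() {
        return cns;
    }

    /** @param cns every {@code cn} value; stored by reference */
    public void setCns(ArrayList<String> cns) {
        this.cns = cns;
    }

    /** @return the previous cn, or {@code null} if unset */
    public String getOldCn() {
        return oldCn;
    }

    /** @param oldCn the previous cn */
    public void setOldCn(String oldCn) {
        this.oldCn = oldCn;
    }

    /** @return the cn of the grandchild entry, or {@code null} if unset */
    public String getGrandson() {
        return grandson;
    }

    /** @param grandson the cn of the grandchild entry */
    public void setGrandson(String grandson) {
        this.grandson = grandson;
    }
}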
4、创建bean后创建返回对象作为ldap查询返回类型
创建UserBeanLdapMapper.java 作为返回类型对象,并实现AttributesMapper接口
package com.mapper.ldap;
import java.util.ArrayList;

import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;

import org.springframework.ldap.core.AttributesMapper;

import com.bean.ldap.UserBean;
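/**
 * Converts the attributes of one LDAP search result into a {@link UserBean}.
 *
 * <p>Directory content is treated as untyped input: every value is converted
 * with {@code toString()} instead of being cast, and attributes that are absent
 * or carry no value leave the corresponding bean field {@code null}.
 */
public class UserBeanLdapMapper implements AttributesMapper<UserBean> {

    /**
     * Maps {@code sn}, {@code ou}, {@code st}, {@code cn}, {@code uid} and
     * {@code description} onto a new bean.
     *
     * @param attr attributes of the entry being mapped
     * @return a new bean; fields whose attribute is missing stay {@code null}
     * @throws NamingException if reading an attribute value fails
     */
    @Override
    public UserBean mapFromAttributes(Attributes attr) throws NamingException {
        UserBean person = new UserBean();

        // Absent attributes yield null, which is also the bean's initial state.
        person.setSn(firstValue(attr.get("sn")));
        person.setOu(firstValue(attr.get("ou")));
        person.setSt(firstValue(attr.get("st")));
        person.setUid(firstValue(attr.get("uid")));

        // cn may be multi-valued: keep the full list and the first value.
        Attribute cn = attr.get("cn");
        if (cn != null) {
            person.setCns(allValues(cn));
            person.setCn(firstValue(cn));
        }

        // description is handled the same way as cn.
        Attribute description = attr.get("description");
        if (description != null) {
            person.setDescriptions(allValues(description));
            person.setDescription(firstValue(description));
        }
        return person;
    }

    /** Returns the first value of {@code attribute} as text, or null when there is none. */
    private static String firstValue(Attribute attribute) throws NamingException {
        // Attribute.get() throws NoSuchElementException on an attribute without values.
        if (attribute == null || attribute.size() == 0) {
            return null;
        }
        Object value = attribute.get();
        return value == null ? null : value.toString();
    }

    /** Returns every non-null value of {@code attribute} as text, closing the enumeration afterwards. */
    private static ArrayList<String> allValues(Attribute attribute) throws NamingException {
        ArrayList<String> values = new ArrayList<String>();
        NamingEnumeration<?> all = attribute.getAll();
        try {
            while (all.hasMore()) {
                Object value = all.next();
                if (value != null) {
                    // toString() instead of an unchecked cast: a non-String value
                    // can no longer end up inside a list typed as String.
                    values.add(value.toString());
                }
            }
        } finally {
            all.close();
        }
        return values;
    }
}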
5、接下来就是创建工具类对ldap进行增删改查了,在这里注意一些子查询,子子节点(孙节点)查询也在该方法内
这里包含了实际开发中的一些业务逻辑,在参考的时候多多注意,根据自己的需求修改。
package com.dao;
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Resource;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.filter.AndFilter;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.stereotype.Service;
import com.bean.ldap.UserBean;
import com.mapper.ldap.UserBeanLdapMapper;
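/**
 * DAO that creates, searches, modifies and deletes LDAP entries through a
 * Spring LDAP {@link LdapTemplate}.
 *
 * <p>Entries are addressed by up to three {@code cn} name components taken from
 * {@link UserBean#getCn()}, {@link UserBean#getChildCn()} and
 * {@link UserBean#getGrandson()}.
 *
 * <p>Security-relevant properties of this class:
 * <ul>
 *   <li>Search filters are composed from {@link AndFilter} and
 *       {@link EqualsFilter} objects and DNs from individual name components.
 *       Caller-supplied values are never concatenated into a filter or DN
 *       string; keep it that way when adding criteria.</li>
 *   <li>No method performs an authorization check. Every operation runs with
 *       whatever rights the bind account of the injected template has, so the
 *       caller must decide whether the current user may search, change or
 *       delete the addressed entry.</li>
 * </ul>
 */
@Service
public class LdapTemplatDaoUrl {

    // The name must match the id of a configured LdapTemplate bean. The sample
    // XML on this page declares only "ldapTemplate"; "ldapTemplate2" presumably
    // refers to a second, copied data-source definition (confirm).
    @Resource(name = "ldapTemplate2")
    private LdapTemplate ldapTemplate2;

    /** @return the template used for every operation of this DAO */
    public LdapTemplate getLdapTemplate2() {
        return ldapTemplate2;
    }

    /** @param ldapTemplate2 the template to use for every operation of this DAO */
    public void setLdapTemplate2(LdapTemplate ldapTemplate2) {
        this.ldapTemplate2 = ldapTemplate2;
    }

    /**
     * Builds a DN from a parent cn and an optional child cn.
     *
     * @param parentCn cn of the parent entry
     * @param childCn cn of the child entry; skipped when null or empty
     * @return the DN made of the given components
     */
    @SuppressWarnings("deprecation")
    private DistinguishedName getDn(String parentCn, String childCn) {
        // Starts empty, i.e. at the base configured on the context source.
        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", parentCn);
        if (childCn != null && !childCn.isEmpty()) {
            dn.append("cn", childCn);
        }
        return dn;
    }

    /**
     * Builds a DN from the bean's cn plus its optional child and grandson cn.
     *
     * @param person bean supplying the name components
     * @return the DN made of the non-empty components
     */
    @SuppressWarnings("deprecation")
    private DistinguishedName getDn(UserBean person) {
        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", person.getCn());
        if (person.getChildCn() != null && !person.getChildCn().isEmpty()) {
            dn.append("cn", person.getChildCn());
        }
        if (person.getGrandson() != null && !person.getGrandson().isEmpty()) {
            dn.append("cn", person.getGrandson());
        }
        return dn;
    }

    /**
     * Searches the entries one level below {@code cn=<person.cn>}.
     *
     * <p>When {@code childCn} is set, the filter matches on that cn. Otherwise
     * it requires {@code objectclass=person} and {@code cn=<person.cn>}. Any
     * non-null sn, uid, description and st are added as further equality terms.
     *
     * @param person search criteria; its cn names the parent entry
     * @return the matching entries
     */
    public List<UserBean> getPersonList(UserBean person) {
        AndFilter andFilter = new AndFilter();
        if (person.getChildCn() != null) {
            andFilter.and(new EqualsFilter("cn", person.getChildCn()));
        } else {
            andFilter.and(new EqualsFilter("objectclass", "person"));
            andFilter.and(new EqualsFilter("cn", person.getCn()));
        }
        if (person.getSn() != null) {
            andFilter.and(new EqualsFilter("sn", person.getSn()));
        }
        if (person.getUid() != null) {
            andFilter.and(new EqualsFilter("uid", person.getUid()));
        }
        if (person.getDescription() != null) {
            andFilter.and(new EqualsFilter("description", person.getDescription()));
        }
        if (person.getSt() != null) {
            andFilter.and(new EqualsFilter("st", person.getSt()));
        }
        // The first argument is the search base: the parent entry's DN.
        return ldapTemplate2.search(getDn(person.getCn(), null), andFilter.encode(),
                SearchControls.ONELEVEL_SCOPE, new UserBeanLdapMapper());
    }

    /**
     * Lists the person entries in the subtree of {@code cn=<childCn>} under
     * {@code cn=<cn>}.
     *
     * @param person supplies cn and childCn for the search base, and grandson
     *        for the optional cn term
     * @param check pass {@code "check"} to restrict the result to entries whose
     *        cn equals {@code person.getGrandson()}; any other value, including
     *        {@code null}, returns all person entries
     * @return the matching entries
     */
    @SuppressWarnings("deprecation")
    public List<UserBean> getGroupPersonList(UserBean person, String check) {
        AndFilter andFilter = new AndFilter();
        andFilter.and(new EqualsFilter("objectclass", "person"));
        // Constant-first comparison: a null flag no longer throws
        // NullPointerException.
        if ("check".equals(check)) {
            andFilter.and(new EqualsFilter("cn", person.getGrandson()));
        }
        // Both components are appended unconditionally, so the base is never
        // silently widened to the parent's whole subtree.
        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", person.getCn());
        dn.append("cn", person.getChildCn());
        return ldapTemplate2.search(dn, andFilter.encode(),
                SearchControls.SUBTREE_SCOPE, new UserBeanLdapMapper());
    }

    /**
     * Deletes the entry addressed by the bean's cn, childCn and grandson.
     *
     * @param bean supplies the name components of the entry to delete
     */
    public void removeOnePerson(UserBean bean) {
        ldapTemplate2.unbind(getDn(bean));
    }

    /**
     * Deletes one entry addressed by parent and child cn.
     *
     * @param parentCn cn of the parent entry
     * @param childCn cn of the child entry; when null or empty the DN consists
     *        of the parent cn only
     */
    public void removeOnePerson(String parentCn, String childCn) {
        ldapTemplate2.unbind(getDn(parentCn, childCn));
    }

    /**
     * Creates a new entry at the DN derived from the bean.
     *
     * <p>The entry gets the object classes person, top, organizationalPerson
     * and inetOrgPerson plus every non-null attribute among sn, st, uid,
     * description and ou. The cn attribute is written only when no grandson is
     * set.
     *
     * @param person attribute values and name components of the new entry
     */
    public void createOnePerson(UserBean person) {
        // "person" corresponds to objectClass person in core.schema.
        BasicAttribute objclassSet = new BasicAttribute("objectclass");
        objclassSet.add("person");
        objclassSet.add("top");
        objclassSet.add("organizationalPerson");
        objclassSet.add("inetOrgPerson");

        Attributes attr = new BasicAttributes();
        attr.put(objclassSet);
        if (person.getCn() != null && person.getGrandson() == null) {
            attr.put("cn", person.getCn());
        }
        if (person.getSn() != null) {
            attr.put("sn", person.getSn());
        }
        if (person.getSt() != null) {
            attr.put("st", person.getSt());
        }
        if (person.getUid() != null) {
            attr.put("uid", person.getUid());
        }
        if (person.getDescription() != null) {
            attr.put("description", person.getDescription());
        }
        if (person.getOu() != null) {
            attr.put("ou", person.getOu());
        }
        // bind() adds the entry to the directory.
        ldapTemplate2.bind(getDn(person), null, attr);
    }

    /**
     * Modifies the entry at {@code getDn(cn, childCn)}.
     *
     * <p>Non-null uid and sn replace the stored values, a non-null description
     * is added as an extra value, and a non-null childCn replaces the cn
     * attribute. Does nothing when {@code person} is null, its cn is null or
     * empty, or no attribute is set.
     *
     * @param person name components and new attribute values
     */
    public void updateAddOnePerson(UserBean person) {
        if (person == null || person.getCn() == null || person.getCn().isEmpty()) {
            return;
        }
        List<ModificationItem> mods = new ArrayList<ModificationItem>();
        if (person.getUid() != null) {
            mods.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("uid", person.getUid())));
        }
        if (person.getSn() != null) {
            mods.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("sn", person.getSn())));
        }
        if (person.getDescription() != null) {
            mods.add(new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("description", person.getDescription())));
        }
        if (person.getChildCn() != null) {
            mods.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("cn", person.getChildCn())));
        }
        applyModifications(person, mods);
    }

    /**
     * Adds {@code person.getDescription()} as a further description value on
     * the entry at {@code getDn(cn, childCn)}.
     *
     * <p>Does nothing when {@code person} is null, its cn is null or empty, or
     * the description is null.
     *
     * @param person name components and the description value to add
     */
    public void updateDescription(UserBean person) {
        if (person == null || person.getCn() == null || person.getCn().isEmpty()) {
            return;
        }
        List<ModificationItem> mods = new ArrayList<ModificationItem>();
        if (person.getDescription() != null) {
            mods.add(new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("description", person.getDescription())));
        }
        applyModifications(person, mods);
    }

    /** Sends the collected modifications for the entry at getDn(cn, childCn); a no-op for an empty list. */
    private void applyModifications(UserBean person, List<ModificationItem> mods) {
        if (mods.isEmpty()) {
            return;
        }
        // modifyAttributes() changes individual attributes of an existing entry;
        // it is not the same operation as rebind().
        ldapTemplate2.modifyAttributes(getDn(person.getCn(), person.getChildCn()),
                mods.toArray(new ModificationItem[0]));
    }

    /**
     * Searches from the configured base for entries matching every non-null
     * field among uid, sn, cn, st and description.
     *
     * @param person search criteria
     * @return the matching entries
     */
    public List<UserBean> checkUriIsExist(UserBean person) {
        AndFilter andFilter = new AndFilter();
        if (person.getUid() != null) {
            andFilter.and(new EqualsFilter("uid", person.getUid()));
        }
        if (person.getSn() != null) {
            andFilter.and(new EqualsFilter("sn", person.getSn()));
        }
        if (person.getCn() != null) {
            andFilter.and(new EqualsFilter("cn", person.getCn()));
        }
        if (person.getSt() != null) {
            andFilter.and(new EqualsFilter("st", person.getSt()));
        }
        if (person.getDescription() != null) {
            andFilter.and(new EqualsFilter("description", person.getDescription()));
        }
        // NOTE(review): when no criterion is set the filter has no terms.
        // Confirm what encode() produces then, and reject that case up front if
        // an unfiltered search from the base is not intended.
        return ldapTemplate2.search("", andFilter.encode(), new UserBeanLdapMapper());
    }
}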