看了网上很多资料,大多只讲查询和认证,增删改的内容很少,特在此整理一下,供大家学习。
注:前置条件,AD 域证书已经导入到 JDK(大家可以查看我另一篇关于 AD 证书导入 JDK 的文章)
1.用 IDEA 创建 Spring Boot 项目我就不细说了,先导入 LDAP 依赖
<!-- Spring Boot starter that pulls in Spring Data LDAP. No <version> element is declared here, so the
     version has to come from the project's dependency management (presumably the Spring Boot
     parent POM or BOM; confirm), which keeps it aligned with the rest of the Boot stack. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-ldap</artifactId>
</dependency>
2.在 application.yml 文件中配置 LDAP 基础信息
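spring:
  # LDAP connection settings
  ldap:
    # ldaps:// on port 636 is TLS-protected; the JVM must already trust the AD certificate
    # (the prerequisite stated at the top of the article).
    urls: ldaps://ip:636/
    # Search/operation base: every DN the application builds is relative to this subtree.
    base: OU=xxx,OU=xxx,DC=xxx,DC=xxx
    # Bind account used for all directory operations. Because this application creates and
    # modifies users, the account needs write rights; prefer a dedicated service account
    # delegated only on the base OU above rather than a domain administrator.
    username: xxx
    # "xxx" is a placeholder. Keep the real bind password out of the committed file, for
    # example by resolving it from the environment: password: ${LDAP_BIND_PASSWORD}
    # (variable name is an example only).
    password: xxx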
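注:636 端口是 SSL(LDAPS)连接,需要先导入证书;AD 只允许在加密连接上修改密码,所以要做增删改(尤其是改密码)就用 636。如果只做用户认证,端口用 389 也可以,但 389 默认是明文连接,简单绑定时账号和密码会以明文在网络上传输,建议配合 StartTLS,或者认证也统一走 636。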
3.创建实体类
package com.example.idapoperation.model;
import com.fasterxml.jackson.annotation.JsonIgnore;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import org.springframework.ldap.odm.annotations.Attribute;
import org.springframework.ldap.odm.annotations.Entry;
import org.springframework.ldap.odm.annotations.Id;
import javax.naming.Name;
/**
 * Spring LDAP ODM mapping of a directory user entry with the object classes
 * {@code user}, {@code organizationalPerson}, {@code top} and {@code Person}.
 *
 * <p>Lombok's {@code @Data} generates the accessors. The fields also carry Swagger
 * {@code @ApiModelProperty} annotations, which suggests this same class is used as the
 * REST request/response model. NOTE(review): if request bodies are bound directly to this
 * type, a caller can supply every mapped attribute, including {@code userAccountControl};
 * confirm whether create/update endpoints use a narrower DTO or an explicit allow-list.
 */
@Entry(objectClasses = {"user", "organizationalPerson","top","Person"})
@Data
public class LdapUser {
/**
 * Distinguished name of the entry; {@code @Id} makes it the ODM identity of the object.
 */
@Id
@JsonIgnore // the author marks this as mandatory; presumably because javax.naming.Name does not serialize cleanly with Jackson (confirm)
private Name dn;
/**
 * String form of the entry's DN, mapped to the {@code distinguishedName} attribute.
 *
 * <p>Swagger publishes it under the name {@code dn}, the same name as the {@code @Id} field,
 * which is itself hidden from JSON.
 * NOTE(review): in Active Directory this attribute is normally maintained by the directory;
 * presumably it should be treated as read-only on create/update. Confirm.
 */
@Attribute(name = "distinguishedName")
@ApiModelProperty(value = "识别名", name = "dn")
private String distinguishedName;
/**
 * Login account name, mapped to the {@code sAMAccountName} attribute.
 * Declared as required in the Swagger model.
 */
@Attribute(name = "sAMAccountName")
@ApiModelProperty(value = "登录账号", required = true, name = "loginName")
private String loginName;
/**
 * Formal name, mapped to the {@code cn} attribute.
 *
 * <p>The original comment describes this as the user's surname, while the Swagger text says
 * the value must be unique and suggests an employee number.
 * NOTE(review): the two descriptions disagree; confirm which one is intended.
 */
@Attribute(name = "cn")
@ApiModelProperty(value = "正式名称,AD域属性值cn,需唯一,例如用工号", name = "userName")
private String userName;
/**
 * Surname, mapped to the {@code sn} attribute. Declared as required in the Swagger model.
 */
@Attribute(name = "sn")
@ApiModelProperty(value = "姓", required = true, name = "sn")
private String sn;
/**
 * Given name, mapped to the attribute written here as {@code givenname}.
 * LDAP attribute names are matched case-insensitively, so the all-lowercase spelling
 * still refers to {@code givenName}. Declared as required in the Swagger model.
 */
@Attribute(name = "givenname")
@ApiModelProperty(value = "名", required = true, name = "givenName")
private String givenName;
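/**
 * Display name, mapped to the {@code displayName} attribute.
 * Declared as required in the Swagger model.
 *
 * <p>The mapping string is used as the LDAP attribute identifier, so it must match the
 * attribute name exactly: the earlier value {@code "displayName "} carried a trailing space
 * and therefore did not name the {@code displayName} attribute.
 */
@Attribute(name = "displayName")
@ApiModelProperty(value = "显示名称", required = true, name = "displayName")
private String displayName;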
/**
 * E-mail address, mapped to the {@code mail} attribute.
 * Declared as required in the Swagger model, where it is published as {@code email}.
 */
@Attribute(name = "mail")
@ApiModelProperty(value = "邮箱", required = true, name = "email")
private String email;
@Attribute(name = "userAccountControl")
@ApiModelProperty(value = "用户属性", name =