在yml配置文件加入相关配置: ldap: urls: ldap://xxx.xx.xx.xx:389 base: DC=xxx,DC=xxx,DC=xxx username: xxx password: xxx
创建LdapConfiguration:
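private static final String INITIAL_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
// NOTE(review): "simple" bind sends the principal and password in clear text. Over a plain
// ldap:// provider URL (as in the configuration example) the credentials cross the network
// unencrypted; prefer an ldaps:// URL or StartTLS outside an isolated test network.
private static final String SECURITY_AUTHENTICATION = "simple";
// "follow" makes JNDI chase referrals and re-bind to the referred server with the same
// credentials; use "ignore" if the directory's referrals are not trusted.
private static final String REFERRAL = "follow";
// Active Directory stores objectSid as binary; this hint makes JNDI return it as byte[]
// instead of a mangled String.
private static final String BINARY_ATTRIBUTES_PROPERTY = "java.naming.ldap.attributes.binary";
private static final String BINARY_ATTRIBUTES = "objectSid";
// {0} is replaced by JNDI with the RFC 2254-escaped filter argument, so a caller-supplied
// account name cannot change the structure of the filter (no LDAP filter injection).
private static final String USER_BY_ACCOUNT_FILTER = "(&(sAMAccountName={0})(objectClass=user))";

// NOTE(review): these are read under the spring.ldap.* prefix — the yml keys must be nested
// accordingly (the configuration snippet in the text shows ldap.* only; confirm).
@Value("${spring.ldap.urls}")
private String urls;
@Value("${spring.ldap.base}")
private String base;
@Value("${spring.ldap.username}")
private String username;
@Value("${spring.ldap.password}")
private String password;

/**
 * Binds to the configured directory and returns a fresh {@link LdapContext}.
 *
 * <p>The caller owns the returned context and must {@code close()} it.
 *
 * @return the bound context, or {@code null} when the bind fails (the failure is logged)
 */
private LdapContext initialLdapContext() {
    Properties env = new Properties();
    env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
    env.put(Context.SECURITY_AUTHENTICATION, SECURITY_AUTHENTICATION);
    env.put(Context.REFERRAL, REFERRAL);
    env.put(Context.PROVIDER_URL, urls);
    env.put(Context.SECURITY_PRINCIPAL, username);
    env.put(Context.SECURITY_CREDENTIALS, password);
    env.put(BINARY_ATTRIBUTES_PROPERTY, BINARY_ATTRIBUTES);
    try {
        LdapContext context = new InitialLdapContext(env, null);
        // Log only the endpoint, never the environment: it carries the bind password.
        logger.debug("LDAP context initialised for " + urls);
        return context;
    } catch (NamingException e) {
        // Keep the stack trace in the log rather than printStackTrace() + toString().
        logger.error("Failed to initialise LDAP context for " + urls, e);
        return null;
    }
}

// Finally, the LdapContext can be used to query LDAP data:

/**
 * Looks up an Active Directory user by {@code sAMAccountName}.
 *
 * <p>The search is a subtree search under the configured base. The first entry that carries a
 * {@code userPrincipalName} is mapped to a {@link UserInfo}; entries without one are skipped.
 *
 * @param Id the account name to look up; it is passed to JNDI as a filter argument, never
 *     concatenated into the filter string
 * @return the populated user, or {@code null} when {@code Id} is blank, no entry matched, the
 *     context could not be created, or the search failed (failures are logged)
 */
public UserInfo findUser(String Id) {
    if (Id == null || Id.trim().isEmpty()) {
        return null;
    }
    LdapContext ldapContext = this.initialLdapContext();
    if (ldapContext == null) {
        // initialLdapContext() already logged the cause; avoid the NPE the old code hit here.
        logger.error(">>> LDAP context unavailable when finding user by ID.");
        return null;
    }
    SearchControls controls = new SearchControls();
    controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    UserInfo user = null;
    NamingEnumeration<SearchResult> results = null;
    try {
        results = ldapContext.search(base, USER_BY_ACCOUNT_FILTER, new Object[] {Id}, controls);
        while (results.hasMore()) {
            SearchResult sr = results.next();
            Attributes attrs = sr.getAttributes();
            if (attrs == null || attrs.get("userPrincipalName") == null) {
                continue;
            }
            user = new UserInfo();
            user.setId(Id);
            user.setEmail(firstStringValue(attrs, "mail"));
            user.setFullName(firstStringValue(attrs, "displayName"));
            user.setCn(firstStringValue(attrs, "cn"));
            // objectSid is returned as byte[] because of BINARY_ATTRIBUTES; guard its absence
            // instead of dereferencing a missing attribute.
            Attribute sidAttr = attrs.get("objectsid");
            if (sidAttr != null) {
                byte[] byteSID = (byte[]) sidAttr.get();
                user.setObjectsId(ObjectSIDConverter.convert(byteSID));
            }
            user.setDepartment(this.getAttributeOrDefault(attrs, "department", null));
            // The old code re-assigned firstName/lastName to their own values; those no-op
            // calls are dropped.
            return user;
        }
    } catch (NamingException e) {
        logger.error(">>> Connect ID failed, connect time out when find user by ID.", e);
    } finally {
        // Release the enumeration and the bound connection on every path.
        closeQuietly(results);
        closeQuietly(ldapContext);
    }
    return user;
}

/**
 * Returns the first value of {@code name} as a String, or {@code ""} when the attribute or its
 * value is absent.
 */
private static String firstStringValue(Attributes attrs, String name) throws NamingException {
    Attribute attr = attrs.get(name);
    if (attr == null) {
        return "";
    }
    Object value = attr.get();
    return value == null ? "" : value.toString();
}

/** Closes a search enumeration; a failure to close is not actionable and is ignored. */
private static void closeQuietly(NamingEnumeration<?> results) {
    if (results == null) {
        return;
    }
    try {
        results.close();
    } catch (NamingException ignored) {
        // nothing useful can be done about a failed close
    }
}

/** Closes a directory context; a failure to close is not actionable and is ignored. */
private static void closeQuietly(Context context) {
    if (context == null) {
        return;
    }
    try {
        context.close();
    } catch (NamingException ignored) {
        // nothing useful can be done about a failed close
    }
}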