单点登录之apacheds之springMVC下操作使用
1、添加支持的jar包
spring-ldap-core-2.0.2.RELEASE.jar
2、spring中配置
<!--
  Connection settings for the directory server.
  NOTE(review): uid=admin,ou=system with the password "secret" is the stock ApacheDS
  administrator account. Change that password on the server, and load the bind DN and
  password from externalised configuration instead of keeping them in this file.
  NOTE(review): the application binds as the directory administrator; a dedicated service
  account limited to the dc=ngcc,dc=com subtree would reduce the impact of a leaked credential.
  NOTE(review): ldap:// is an unencrypted connection, so the bind password and directory data
  travel in clear text. That is tolerable for localhost only; use ldaps:// or StartTLS when the
  server is remote.
-->
<bean id="contextSourceTarget" class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="url" value="ldap://localhost:10389" />
    <property name="base" value="dc=ngcc,dc=com" />
    <property name="userDn" value="uid=admin,ou=system" />
    <property name="password" value="secret" />
</bean>

<!-- Wraps the context source above in a transaction-aware proxy. -->
<bean id="contextSource" class="org.springframework.ldap.transaction.compensating.manager.TransactionAwareContextSourceProxy">
    <constructor-arg ref="contextSourceTarget" />
</bean>

<!-- The template that application code injects; it is built on the proxied context source. -->
<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
    <constructor-arg ref="contextSource" />
</bean>
可以使用多数据源:配置多数据源时,复制上面的配置信息并修改bean的id即可;在注解引用的时候,标明引用的是哪个ldap(例如下文DAO中的 @Resource(name = "ldapTemplate2") 引用的就是另一套配置里id为ldapTemplate2的LdapTemplate)
3、创建实体bean
package com.bean.ldap;

import java.util.ArrayList;

import com.model.BaseModel;

/**
 * Plain data holder for one LDAP entry as used by the mapper and DAO in this article.
 *
 * <p>The cn / childCn / grandson fields name up to three nested levels of the
 * directory tree; the remaining fields mirror LDAP attributes of the same name.
 */
public class UserBean extends BaseModel {

    // ----- position in the directory tree -----
    private String cn;
    private String oldCn;
    private String childCn;
    private String grandson;

    // ----- single-valued attributes -----
    private String sn;
    private String uid;
    private String ou;
    private String st;
    private String description;
    // Value of the userPassword attribute. NOTE(review): the mapper and DAO shown in this
    // article never read or write this field; if it is ever filled in, keep it out of logs
    // and out of any view or JSON serialisation of this bean.
    private String userPassword;

    // ----- multi-valued attributes -----
    // Every cn value returned for the entry.
    private ArrayList cns;
    // Every description value returned for the entry.
    private ArrayList<String> descriptions;

    public String getCn() {
        return this.cn;
    }

    public void setCn(String cn) {
        this.cn = cn;
    }

    public String getOldCn() {
        return this.oldCn;
    }

    public void setOldCn(String oldCn) {
        this.oldCn = oldCn;
    }

    public String getChildCn() {
        return this.childCn;
    }

    public void setChildCn(String childCn) {
        this.childCn = childCn;
    }

    public String getGrandson() {
        return this.grandson;
    }

    public void setGrandson(String grandson) {
        this.grandson = grandson;
    }

    public String getSn() {
        return this.sn;
    }

    public void setSn(String sn) {
        this.sn = sn;
    }

    public String getUid() {
        return this.uid;
    }

    public void setUid(String uid) {
        this.uid = uid;
    }

    public String getOu() {
        return this.ou;
    }

    public void setOu(String ou) {
        this.ou = ou;
    }

    public String getSt() {
        return this.st;
    }

    public void setSt(String st) {
        this.st = st;
    }

    public String getDescription() {
        return this.description;
    }

    public void setDescription(String description) {
        this.description = description;
    }

    public String getUserPassword() {
        return this.userPassword;
    }

    public void setUserPassword(String userPassword) {
        this.userPassword = userPassword;
    }

    public ArrayList getCns() {
        return this.cns;
    }

    public void setCns(ArrayList cns) {
        this.cns = cns;
    }

    public ArrayList<String> getDescriptions() {
        return this.descriptions;
    }

    public void setDescriptions(ArrayList<String> descriptions) {
        this.descriptions = descriptions;
    }
}
4、创建bean后创建返回对象作为ldap查询返回类型
创建UserBeanLdapMapper.java 作为返回类型对象,并实现AttributesMapper接口
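package com.mapper.ldap;

import java.util.ArrayList;

import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;

import org.springframework.ldap.core.AttributesMapper;

import com.bean.ldap.UserBean;

/**
 * Maps the attributes of one LDAP search result onto a {@link UserBean}.
 *
 * <p>Only sn, ou, st, cn, uid and description are copied. Every other attribute of the
 * entry is ignored, so userPassword never reaches the bean through this mapper.
 */
public class UserBeanLdapMapper implements AttributesMapper<UserBean> {

    /**
     * Builds a {@link UserBean} from the attributes of a single entry.
     *
     * @param attr attributes returned by the directory for one entry
     * @return a bean holding the attributes that were present; absent ones stay {@code null}
     * @throws NamingException if reading an attribute value fails
     */
    @Override
    public UserBean mapFromAttributes(Attributes attr) throws NamingException {
        UserBean person = new UserBean();

        String sn = firstValue(attr, "sn");
        if (sn != null) {
            person.setSn(sn);
        }
        String ou = firstValue(attr, "ou");
        if (ou != null) {
            person.setOu(ou);
        }
        String st = firstValue(attr, "st");
        if (st != null) {
            person.setSt(st);
        }

        // cn may be multi-valued: keep the full list and, separately, the first value.
        ArrayList<String> cns = allValues(attr, "cn");
        if (cns != null) {
            person.setCns(cns);
            person.setCn(firstValue(attr, "cn"));
        }

        String uid = firstValue(attr, "uid");
        if (uid != null) {
            person.setUid(uid);
        }

        // description is handled like cn: the full list plus the first value.
        ArrayList<String> descriptions = allValues(attr, "description");
        if (descriptions != null) {
            person.setDescriptions(descriptions);
            person.setDescription(firstValue(attr, "description"));
        }
        return person;
    }

    /**
     * Returns the first value of an attribute as text.
     *
     * @return the value's {@code toString()}, or {@code null} when the attribute is absent,
     *         has no values, or its first value is {@code null}
     */
    private static String firstValue(Attributes attrs, String name) throws NamingException {
        Attribute attribute = attrs.get(name);
        // An attribute with no values would make get() throw NoSuchElementException.
        if (attribute == null || attribute.size() == 0) {
            return null;
        }
        Object value = attribute.get();
        return value == null ? null : value.toString();
    }

    /**
     * Returns every value of an attribute as text.
     *
     * @return the values in the order the directory returned them, or {@code null} when the
     *         attribute is absent
     */
    private static ArrayList<String> allValues(Attributes attrs, String name) throws NamingException {
        Attribute attribute = attrs.get(name);
        if (attribute == null) {
            return null;
        }
        ArrayList<String> values = new ArrayList<String>(attribute.size());
        NamingEnumeration<?> all = attribute.getAll();
        try {
            while (all.hasMore()) {
                Object value = all.next();
                values.add(value == null ? null : value.toString());
            }
        } finally {
            // Release the enumeration even if reading a value failed.
            all.close();
        }
        return values;
    }
}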
5、接下来就是创建工具类,对ldap进行增、删、改、查了。在这里注意一些子节点查询,子子节点(孙节点)的查询也在该类的方法内
这里包含了实际开发中的一些业务逻辑,在参考的时候多多注意,根据自己的需求修改。
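package com.dao;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.filter.AndFilter;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.stereotype.Service;

import com.bean.ldap.UserBean;
import com.mapper.ldap.UserBeanLdapMapper;

/**
 * Create / read / update / delete helper for entries stored under nested cn nodes
 * (parent cn, child cn, grandson cn).
 *
 * <p>All filter values go through {@link EqualsFilter} and all DN components through
 * {@link DistinguishedName#append(String, String)}, so caller-supplied strings are escaped
 * by Spring LDAP instead of being concatenated into filter or DN text. Keep it that way
 * when adding new queries.
 *
 * <p>NOTE(review): no authorization check is visible in this class, although some methods
 * change what the original comments describe as group permissions; callers are presumably
 * expected to enforce access control — confirm.
 */
@Service
public class LdapTemplatDaoUrl {

    @Resource(name = "ldapTemplate2")
    private LdapTemplate ldapTemplate2;

    public LdapTemplate getLdapTemplate2() {
        return ldapTemplate2;
    }

    public void setLdapTemplate2(LdapTemplate ldapTemplate2) {
        this.ldapTemplate2 = ldapTemplate2;
    }

    /**
     * Builds the DN of a node, relative to the base configured for the LDAP context source.
     *
     * @param parentCn cn of the parent node
     * @param childCn  cn of the child node; skipped when {@code null} or empty
     * @return the relative DN, for example {@code cn=child,cn=parent}
     */
    @SuppressWarnings("deprecation")
    private DistinguishedName getDn(String parentCn, String childCn) {
        // Starts empty, i.e. at the base configured for the context source.
        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", parentCn);
        if (childCn != null && !childCn.equals("")) {
            dn.append("cn", childCn);
        }
        return dn;
    }

    /**
     * Builds the DN described by a bean: cn, then childCn, then grandson, each level added
     * only when it is neither {@code null} nor empty (cn itself is always added).
     */
    @SuppressWarnings("deprecation")
    private DistinguishedName getDn(UserBean person) {
        // Starts empty, i.e. at the base configured for the context source.
        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", person.getCn());
        if (person.getChildCn() != null && !person.getChildCn().equals("")) {
            dn.append("cn", person.getChildCn());
        }
        if (person.getGrandson() != null && !person.getGrandson().equals("")) {
            dn.append("cn", person.getGrandson());
        }
        return dn;
    }

    /**
     * Adds {@code attribute = value} to the filter when a value was supplied.
     *
     * @return {@code true} if a condition was added
     */
    private static boolean andIfPresent(AndFilter filter, String attribute, String value) {
        if (value == null) {
            return false;
        }
        filter.and(new EqualsFilter(attribute, value));
        return true;
    }

    /**
     * Sends the collected modifications for the node {@code cn=childCn,cn=cn}; does nothing
     * when the list is empty.
     */
    private void applyModifications(UserBean person, List<ModificationItem> changes) {
        if (changes.isEmpty()) {
            return;
        }
        ModificationItem[] items = changes.toArray(new ModificationItem[changes.size()]);
        // modifyAttributes changes individual attributes of an existing entry; rebind()
        // would replace the whole entry.
        ldapTemplate2.modifyAttributes(getDn(person.getCn(), person.getChildCn()), items);
    }

    /**
     * Searches the direct children of the node {@code cn=person.getCn()}.
     *
     * @param person search criteria; childCn, sn, uid, description and st are applied when
     *               non-null
     * @return the matching entries
     */
    public List<UserBean> getPersonList(UserBean person) {
        AndFilter criteria = new AndFilter();
        if (person.getChildCn() != null) {
            // Look up one child by its cn.
            criteria.and(new EqualsFilter("cn", person.getChildCn()));
        } else {
            criteria.and(new EqualsFilter("objectclass", "person"));
            criteria.and(new EqualsFilter("cn", person.getCn()));
        }
        andIfPresent(criteria, "sn", person.getSn());
        andIfPresent(criteria, "uid", person.getUid());
        andIfPresent(criteria, "description", person.getDescription());
        andIfPresent(criteria, "st", person.getSt());

        // The first argument of search() is the DN of the parent node; it may be empty, but
        // a non-empty base makes the query cheaper.
        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", person.getCn());
        return ldapTemplate2.search(dn, criteria.encode(), SearchControls.ONELEVEL_SCOPE,
                new UserBeanLdapMapper());
    }

    /**
     * Returns all permissions of a group, searching the subtree below
     * {@code cn=childCn,cn=cn}.
     *
     * @param person names the group through cn and childCn
     * @param check  pass {@code "check"} to restrict the result to the entry whose cn equals
     *               {@code person.getGrandson()}, i.e. to test whether that permission
     *               exists; any other value, including {@code null}, lists everything
     * @return the matching entries
     */
    public List<UserBean> getGroupPersonList(UserBean person, String check) {
        AndFilter criteria = new AndFilter();
        criteria.and(new EqualsFilter("objectclass", "person"));
        // Constant-first comparison: a null check argument must not raise a NullPointerException.
        if ("check".equals(check)) {
            criteria.and(new EqualsFilter("cn", person.getGrandson()));
        }

        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", person.getCn());
        dn.append("cn", person.getChildCn());
        return ldapTemplate2.search(dn, criteria.encode(), SearchControls.SUBTREE_SCOPE,
                new UserBeanLdapMapper());
    }

    /** Deletes the entry addressed by the bean's cn / childCn / grandson. */
    public void removeOnePerson(UserBean bean) {
        ldapTemplate2.unbind(getDn(bean));
    }

    /**
     * Deletes one child entry.
     *
     * @param parentCn cn of the parent node
     * @param childCn  cn of the child node to delete
     */
    public void removeOnePerson(String parentCn, String childCn) {
        ldapTemplate2.unbind(getDn(parentCn, childCn));
    }

    /**
     * Creates a new entry at the DN described by the bean.
     *
     * @param person attribute values for the new entry; {@code null} fields are left out
     */
    public void createOnePerson(UserBean person) {
        // "person" here corresponds to objectClass person in the core schema.
        BasicAttribute objectClasses = new BasicAttribute("objectclass");
        objectClasses.add("person");
        objectClasses.add("top");
        objectClasses.add("organizationalPerson");
        objectClasses.add("inetOrgPerson");

        Attributes attr = new BasicAttributes();
        attr.put(objectClasses);
        // cn is set explicitly only when the entry is not at grandson level.
        if (person.getCn() != null && person.getGrandson() == null) {
            attr.put("cn", person.getCn());
        }
        if (person.getSn() != null) {
            attr.put("sn", person.getSn());
        }
        if (person.getSt() != null) {
            attr.put("st", person.getSt());
        }
        if (person.getUid() != null) {
            attr.put("uid", person.getUid());
        }
        if (person.getDescription() != null) {
            attr.put("description", person.getDescription());
        }
        if (person.getOu() != null) {
            attr.put("ou", person.getOu());
        }
        // bind() adds the entry.
        ldapTemplate2.bind(getDn(person), null, attr);
    }

    /**
     * Updates the entry {@code cn=childCn,cn=cn}: uid, sn and cn are replaced, while
     * description is added as an additional value. Does nothing when the bean or its cn is
     * missing, or when no field to change was supplied.
     *
     * @param person new values; {@code null} fields are left untouched
     */
    public void updateAddOnePerson(UserBean person) {
        if (person == null || person.getCn() == null || person.getCn().length() <= 0) {
            return;
        }
        List<ModificationItem> changes = new ArrayList<ModificationItem>();
        if (person.getUid() != null) {
            changes.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("uid", person.getUid())));
        }
        if (person.getSn() != null) {
            changes.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("sn", person.getSn())));
        }
        if (person.getDescription() != null) {
            changes.add(new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("description", person.getDescription())));
        }
        if (person.getChildCn() != null) {
            changes.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("cn", person.getChildCn())));
        }
        applyModifications(person, changes);
    }

    /**
     * Updates group permissions by adding one more description value to the entry
     * {@code cn=childCn,cn=cn}. Does nothing when the bean, its cn or its description is
     * missing.
     *
     * @param person carries the group location and the description value to add
     */
    public void updateDescription(UserBean person) {
        if (person == null || person.getCn() == null || person.getCn().length() <= 0) {
            return;
        }
        List<ModificationItem> changes = new ArrayList<ModificationItem>();
        if (person.getDescription() != null) {
            changes.add(new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("description", person.getDescription())));
        }
        applyModifications(person, changes);
    }

    /**
     * Checks whether a url entry exists by searching from the configured base.
     *
     * @param person criteria; uid, sn, cn, st and description are applied when non-null
     * @return the matching entries, or an empty list when no criterion was supplied
     */
    public List<UserBean> checkUriIsExist(UserBean person) {
        AndFilter criteria = new AndFilter();
        boolean hasCriteria = andIfPresent(criteria, "uid", person.getUid());
        hasCriteria |= andIfPresent(criteria, "sn", person.getSn());
        hasCriteria |= andIfPresent(criteria, "cn", person.getCn());
        hasCriteria |= andIfPresent(criteria, "st", person.getSt());
        hasCriteria |= andIfPresent(criteria, "description", person.getDescription());
        if (!hasCriteria) {
            // Without any condition the filter is empty; do not send a condition-less
            // search from the base, report "nothing found" instead.
            return new ArrayList<UserBean>();
        }
        return ldapTemplate2.search("", criteria.encode(), new UserBeanLdapMapper());
    }
}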