单点登录之apacheds之springMVC下操作使用


1、添加支持的jar包
spring-ldap-core-2.0.2.RELEASE.jar
2、spring中配置

<!--
  Connection settings for the ApacheDS directory. LdapTemplate operations run with the
  userDn/password configured on this bean.
  NOTE(review): uid=admin,ou=system with the password "secret" is the stock ApacheDS
  administrator login. Change that password on the server, bind the application with a
  dedicated account that is limited to the subtree under "base", and inject the password
  from external configuration instead of keeping it in this file.
  NOTE(review): ldap:// is unencrypted. That is tolerable for a localhost test instance;
  use ldaps:// (or StartTLS) once the directory is reached over a network.
-->
<bean id="contextSourceTarget" class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="url" value="ldap://localhost:10389" />
    <property name="base" value="dc=ngcc,dc=com" />
    <property name="userDn" value="uid=admin,ou=system" />
    <property name="password" value="secret" />
</bean>

<!-- Proxy around the target context source so that LDAP operations can take part in
     Spring LDAP's compensating transaction support. -->
<bean id="contextSource"
      class="org.springframework.ldap.transaction.compensating.manager.TransactionAwareContextSourceProxy">
    <constructor-arg ref="contextSourceTarget" />
</bean>

<!-- Template injected into the DAOs; it obtains its connections from the proxy above. -->
<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
    <constructor-arg ref="contextSource" />
</bean>

可以使用多数据源:多数据源的配置只需复制上面的配置信息并修改bean的id即可,在通过注解引用的时候,标明使用的是哪个ldap的bean。

3、创建实体bean

package com.bean.ldap;

import java.util.ArrayList;

import com.model.BaseModel;

/**
 * Plain value holder for one LDAP entry as used by the DAO and the attributes mapper.
 *
 * <p>{@code cn}, {@code childCn} and {@code grandson} name up to three nested levels of
 * {@code cn=...} entries; the remaining fields mirror individual LDAP attributes.
 */
public class UserBean extends BaseModel {

    /** First {@code cn} value of the entry; also used as the top-level node name. */
    private String cn;

    /** Previous cn value; only stored here, nothing on this class interprets it. */
    private String oldCn;

    /** Every {@code cn} value of the entry. Raw type kept as in the original API. */
    private ArrayList cns;

    /** cn of the child node below {@link #cn}. */
    private String childCn;

    /** cn of the grandchild node below {@link #childCn}. */
    private String grandson;

    private String sn;

    private String uid;

    // NOTE(review): UserBeanLdapMapper on this page never fills this field. If callers set it,
    // keep the bean out of logs and serialized responses.
    private String userPassword;

    /** First {@code description} value of the entry. */
    private String description;

    /** Every {@code description} value of the entry. */
    private ArrayList<String> descriptions;

    private String ou;

    private String st;

    public String getCn() {
        return cn;
    }

    public void setCn(String cn) {
        this.cn = cn;
    }

    public String getOldCn() {
        return oldCn;
    }

    public void setOldCn(String oldCn) {
        this.oldCn = oldCn;
    }

    public ArrayList getCns() {
        return cns;
    }

    public void setCns(ArrayList cns) {
        this.cns = cns;
    }

    public String getChildCn() {
        return childCn;
    }

    public void setChildCn(String childCn) {
        this.childCn = childCn;
    }

    public String getGrandson() {
        return grandson;
    }

    public void setGrandson(String grandson) {
        this.grandson = grandson;
    }

    public String getSn() {
        return sn;
    }

    public void setSn(String sn) {
        this.sn = sn;
    }

    public String getUid() {
        return uid;
    }

    public void setUid(String uid) {
        this.uid = uid;
    }

    public String getUserPassword() {
        return userPassword;
    }

    public void setUserPassword(String userPassword) {
        this.userPassword = userPassword;
    }

    public String getDescription() {
        return description;
    }

    public void setDescription(String description) {
        this.description = description;
    }

    public ArrayList<String> getDescriptions() {
        return descriptions;
    }

    public void setDescriptions(ArrayList<String> descriptions) {
        this.descriptions = descriptions;
    }

    public String getOu() {
        return ou;
    }

    public void setOu(String ou) {
        this.ou = ou;
    }

    public String getSt() {
        return st;
    }

    public void setSt(String st) {
        this.st = st;
    }
}

4、创建bean后创建返回对象作为ldap查询返回类型
创建UserBeanLdapMapper.java 作为返回类型对象,并实现AttributesMapper接口

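package com.mapper.ldap;

import java.util.ArrayList;

import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;

import org.springframework.ldap.core.AttributesMapper;

import com.bean.ldap.UserBean;

/**
 * Converts the attributes of one LDAP search result into a {@link UserBean}.
 *
 * <p>Only {@code sn}, {@code ou}, {@code st}, {@code cn}, {@code uid} and {@code description}
 * are read. Every value is converted with {@code toString()}, so the mapper assumes these
 * attributes are string-valued in the directory schema.
 */
public class UserBeanLdapMapper implements AttributesMapper<UserBean> {

    /**
     * Builds a {@link UserBean} from the given attribute set.
     *
     * @param attr attributes of the entry returned by the search
     * @return a new bean; fields whose attribute is absent or has no value stay {@code null}
     * @throws NamingException if the directory reports an error while values are read
     */
    @Override
    public UserBean mapFromAttributes(Attributes attr) throws NamingException {
        UserBean person = new UserBean();

        person.setSn(firstValue(attr.get("sn")));
        person.setOu(firstValue(attr.get("ou")));
        person.setSt(firstValue(attr.get("st")));
        person.setUid(firstValue(attr.get("uid")));

        // cn and description are multi-valued: expose the full list and the first value.
        Attribute cn = attr.get("cn");
        if (cn != null) {
            person.setCns(allValues(cn));
            person.setCn(firstValue(cn));
        }

        Attribute description = attr.get("description");
        if (description != null) {
            person.setDescriptions(allValues(description));
            person.setDescription(firstValue(description));
        }

        return person;
    }

    /**
     * Returns the first value of the attribute as text, or {@code null} when the attribute is
     * missing or carries no value (Attribute.get() would otherwise throw on an empty attribute).
     */
    private static String firstValue(Attribute attribute) throws NamingException {
        if (attribute == null || attribute.size() == 0) {
            return null;
        }
        Object value = attribute.get();
        return value == null ? null : value.toString();
    }

    /**
     * Collects every non-null value of the attribute as text. The enumeration is closed in a
     * finally block, and hasMore()/next() are used so that directory errors surface as
     * NamingException instead of being hidden by hasMoreElements().
     */
    private static ArrayList<String> allValues(Attribute attribute) throws NamingException {
        ArrayList<String> values = new ArrayList<String>();
        NamingEnumeration<?> all = attribute.getAll();
        try {
            while (all.hasMore()) {
                Object value = all.next();
                if (value != null) {
                    values.add(value.toString());
                }
            }
        } finally {
            all.close();
        }
        return values;
    }
}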

5、接下来就是创建工具类,对ldap进行增、删、改、查操作了。这里要注意子节点查询,子子节点(孙节点)的查询也在该方法内。
这里包含了实际开发中的一些业务逻辑,在参考的时候多多注意,根据自己的需求修改。

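package com.dao;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.filter.AndFilter;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.stereotype.Service;

import com.bean.ldap.UserBean;
import com.mapper.ldap.UserBeanLdapMapper;

/**
 * Create / read / update / delete helper for entries nested up to three {@code cn=...} levels
 * (node, child, grandchild) below the base DN of the configured context source.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>All names go through {@link DistinguishedName#append} and all filter values through
 *       {@link EqualsFilter}, which escape special characters, so values are not concatenated
 *       into DN or filter strings by hand. Keep it that way when adding queries.</li>
 *   <li>No method here checks who the caller is. Every operation runs with the bind account of
 *       the injected template, so authorization has to be enforced before this class is called.</li>
 * </ul>
 *
 * <p>{@code DistinguishedName} is deprecated in Spring LDAP 2.x; it is kept because the page's
 * code is written against it.
 */
@Service
public class LdapTemplatDaoUrl {

    // The bean name must match a bean id in the Spring configuration. The configuration shown on
    // this page defines "ldapTemplate"; "ldapTemplate2" presumably refers to a second, copied
    // data-source definition as described in the multi-data-source remark.
    @Resource(name = "ldapTemplate2")
    private LdapTemplate ldapTemplate2;

    public LdapTemplate getLdapTemplate2() {
        return ldapTemplate2;
    }

    public void setLdapTemplate2(LdapTemplate ldapTemplate2) {
        this.ldapTemplate2 = ldapTemplate2;
    }

    /** Returns {@code true} when the value is neither {@code null} nor the empty string. */
    private static boolean hasText(String value) {
        return value != null && !value.equals("");
    }

    /** Adds an equality condition to the filter only when a value was supplied. */
    private static void andIfPresent(AndFilter filter, String attribute, String value) {
        if (value != null) {
            filter.and(new EqualsFilter(attribute, value));
        }
    }

    /**
     * Builds the DN of a node or of its child, relative to the configured base DN.
     *
     * @param parentCn cn of the parent node
     * @param childCn  cn of the child node; ignored when {@code null} or empty
     * @return {@code cn=parentCn} or {@code cn=childCn,cn=parentCn}
     */
    @SuppressWarnings("deprecation")
    private DistinguishedName getDn(String parentCn, String childCn) {
        // An empty DistinguishedName stands for the base DN from the context source.
        DistinguishedName newContactDN = new DistinguishedName();
        newContactDN.append("cn", parentCn);
        if (hasText(childCn)) {
            newContactDN.append("cn", childCn);
        }
        return newContactDN;
    }

    /**
     * Builds the DN for the deepest level named by the bean: node, child or grandchild.
     *
     * @param person bean whose cn / childCn / grandson name the path
     * @return the relative DN of that entry
     */
    @SuppressWarnings("deprecation")
    private DistinguishedName getDn(UserBean person) {
        DistinguishedName newContactDN = new DistinguishedName();
        newContactDN.append("cn", person.getCn());
        if (hasText(person.getChildCn())) {
            newContactDN.append("cn", person.getChildCn());
        }
        if (hasText(person.getGrandson())) {
            newContactDN.append("cn", person.getGrandson());
        }
        return newContactDN;
    }

    /**
     * Searches the direct children of {@code cn=<person.cn>}.
     *
     * <p>When childCn is set the filter matches that cn; otherwise it matches
     * {@code objectclass=person} entries whose cn equals the parent cn. sn, uid, description and
     * st are added as further equality conditions when they are non-null.
     *
     * @param person search criteria; cn names the parent node
     * @return the matching entries, one level below the parent
     */
    @SuppressWarnings("deprecation")
    public List<UserBean> getPersonList(UserBean person) {
        AndFilter andFilter = new AndFilter();
        if (person.getChildCn() != null) {
            andFilter.and(new EqualsFilter("cn", person.getChildCn()));
        } else {
            andFilter.and(new EqualsFilter("objectclass", "person"));
            andFilter.and(new EqualsFilter("cn", person.getCn()));
        }
        andIfPresent(andFilter, "sn", person.getSn());
        andIfPresent(andFilter, "uid", person.getUid());
        andIfPresent(andFilter, "description", person.getDescription());
        andIfPresent(andFilter, "st", person.getSt());

        // Searching from the parent DN instead of the base keeps the search narrow.
        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", person.getCn());
        return ldapTemplate2.search(dn, andFilter.encode(), SearchControls.ONELEVEL_SCOPE,
                new UserBeanLdapMapper());
    }

    /**
     * Lists the permission entries of a group, i.e. the {@code objectclass=person} entries in the
     * subtree of {@code cn=<childCn>,cn=<cn>}.
     *
     * @param person bean naming the group (cn and childCn) and, for a check, the permission
     *               (grandson)
     * @param check  pass {@code "check"} to restrict the result to the entry whose cn equals
     *               {@code person.getGrandson()}; any other value, including {@code null},
     *               returns all entries
     * @return the matching entries
     */
    @SuppressWarnings("deprecation")
    public List<UserBean> getGroupPersonList(UserBean person, String check) {
        AndFilter andFilter = new AndFilter();
        andFilter.and(new EqualsFilter("objectclass", "person"));
        // Constant-first comparison: a null flag means "no check" instead of a NullPointerException.
        if ("check".equals(check)) {
            andFilter.and(new EqualsFilter("cn", person.getGrandson()));
        }

        DistinguishedName dn = new DistinguishedName();
        dn.append("cn", person.getCn());
        dn.append("cn", person.getChildCn());
        return ldapTemplate2.search(dn, andFilter.encode(), SearchControls.SUBTREE_SCOPE,
                new UserBeanLdapMapper());
    }

    /**
     * Deletes the entry addressed by the bean (node, child or grandchild level).
     *
     * @param bean bean naming the entry
     */
    public void removeOnePerson(UserBean bean) {
        ldapTemplate2.unbind(getDn(bean));
    }

    /**
     * Deletes a child entry, or the parent entry when no child cn is given.
     *
     * @param parentCn cn of the parent node
     * @param childCn  cn of the child node; may be {@code null} or empty
     */
    public void removeOnePerson(String parentCn, String childCn) {
        ldapTemplate2.unbind(getDn(parentCn, childCn));
    }

    /**
     * Creates a new entry at the DN derived from the bean.
     *
     * <p>The entry gets the object classes person, top, organizationalPerson and inetOrgPerson
     * plus every non-null attribute among cn, sn, st, uid, description and ou. The cn attribute
     * is only written when no grandson is set.
     *
     * @param person bean describing the entry to create
     */
    public void createOnePerson(UserBean person) {
        BasicAttribute objclassSet = new BasicAttribute("objectclass");
        // "person" corresponds to objectClass person in the core schema.
        objclassSet.add("person");
        objclassSet.add("top");
        objclassSet.add("organizationalPerson");
        objclassSet.add("inetOrgPerson");

        Attributes attr = new BasicAttributes();
        attr.put(objclassSet);
        if (person.getCn() != null && person.getGrandson() == null) {
            attr.put("cn", person.getCn());
        }
        if (person.getSn() != null) {
            attr.put("sn", person.getSn());
        }
        if (person.getSt() != null) {
            attr.put("st", person.getSt());
        }
        if (person.getUid() != null) {
            attr.put("uid", person.getUid());
        }
        if (person.getDescription() != null) {
            attr.put("description", person.getDescription());
        }
        if (person.getOu() != null) {
            attr.put("ou", person.getOu());
        }

        // bind() adds a new entry.
        ldapTemplate2.bind(getDn(person), null, attr);
    }

    /**
     * Updates the entry {@code cn=<childCn>,cn=<cn>} (or {@code cn=<cn>} without a child).
     *
     * <p>uid, sn and cn are replaced; description is added as an additional value. Does nothing
     * when the bean or its cn is missing, or when no attribute is set.
     *
     * @param person bean carrying the new values
     */
    public void updateAddOnePerson(UserBean person) {
        if (person == null || !hasText(person.getCn())) {
            return;
        }
        List<ModificationItem> mList = new ArrayList<ModificationItem>();
        if (person.getUid() != null) {
            mList.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("uid", person.getUid())));
        }
        if (person.getSn() != null) {
            mList.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("sn", person.getSn())));
        }
        if (person.getDescription() != null) {
            mList.add(new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("description", person.getDescription())));
        }
        if (person.getChildCn() != null) {
            mList.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                    new BasicAttribute("cn", person.getChildCn())));
        }
        applyModifications(person, mList);
    }

    /**
     * Grants a group a further permission by adding one more {@code description} value to its
     * entry. Does nothing when the bean, its cn or its description is missing.
     *
     * @param person bean naming the group entry and carrying the description to add
     */
    public void updateDescription(UserBean person) {
        if (person == null || !hasText(person.getCn())) {
            return;
        }
        List<ModificationItem> mList = new ArrayList<ModificationItem>();
        if (person.getDescription() != null) {
            mList.add(new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("description", person.getDescription())));
        }
        applyModifications(person, mList);
    }

    /** Sends the collected modifications for the bean's entry, if there are any. */
    private void applyModifications(UserBean person, List<ModificationItem> modifications) {
        if (modifications.isEmpty()) {
            return;
        }
        // modifyAttributes() changes the existing entry in place; rebind() would replace it.
        ldapTemplate2.modifyAttributes(getDn(person.getCn(), person.getChildCn()),
                modifications.toArray(new ModificationItem[modifications.size()]));
    }

    /**
     * Looks up entries anywhere below the base DN that match every non-null field among uid, sn,
     * cn, st and description; used to check whether a URL entry already exists.
     *
     * @param person search criteria
     * @return the matching entries
     */
    public List<UserBean> checkUriIsExist(UserBean person) {
        AndFilter andFilter = new AndFilter();
        andIfPresent(andFilter, "uid", person.getUid());
        andIfPresent(andFilter, "sn", person.getSn());
        andIfPresent(andFilter, "cn", person.getCn());
        andIfPresent(andFilter, "st", person.getSt());
        andIfPresent(andFilter, "description", person.getDescription());

        // NOTE(review): when every criterion is null the filter has no conditions; confirm how
        // the search behaves with such a filter, or make callers supply at least one field.
        return ldapTemplate2.search("", andFilter.encode(), new UserBeanLdapMapper());
    }
}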