chenjianxing 2020-06-24 17:46:45 +08:00
commit a9f81bc59f
3 changed files with 65 additions and 40 deletions


@ -2,56 +2,38 @@ package io.metersphere.ldap;
import io.metersphere.commons.exception.MSException;
import io.metersphere.controller.request.LoginRequest;
import org.apache.shiro.realm.ldap.LdapUtils;
import org.springframework.ldap.core.LdapTemplate;
import io.metersphere.i18n.Translator;
import org.springframework.ldap.CommunicationException;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import javax.naming.directory.DirContext;
import javax.naming.ldap.LdapContext;
import java.util.List;
import static org.springframework.ldap.query.LdapQueryBuilder.query;
@Service
public class LdapService {
@Resource
private LdapTemplate ldapTemplate;
@Resource
private PersonRepoImpl personRepo;
public boolean authenticate(LoginRequest request) {
// String userDn, String credentials
DirContext ctx = null;
String dn = null;
String username = request.getUsername();
String credentials = request.getPassword();
List user = personRepo.findByName(username);
if (user.size() > 0) {
dn = personRepo.getDnForUser(username);
} else {
MSException.throwException("no such user");
}
try {
ctx = ldapTemplate.getContextSource().getContext(dn, credentials);
// ldapTemplate.authenticate(dn, credentials);
// Take care here - if a base was specified on the ContextSource
// that needs to be removed from the user DN for the lookup to succeed.
// ctx.lookup(userDn);
return true;
} catch (Exception e) {
// Context creation failed - authentication did not succeed
System.out.println("Login failed: " + e);
MSException.throwException("login failed...");
return false;
} finally {
// It is imperative that the created DirContext instance is always closed
LdapUtils.closeContext((LdapContext) ctx);
// select user by sAMAccountName
List user = personRepo.findByName(username);
if (user.size() == 1) {
dn = personRepo.getDnForUser(username);
} else if (user.size() == 0){
MSException.throwException(Translator.get("user_not_exist") + username);
} else {
MSException.throwException("Found multiple users");
}
} catch (CommunicationException e) {
MSException.throwException("LDAP Server connection failed!");
}
return personRepo.authenticate(dn, credentials);
}
}
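Review bot: The lookup branches give an unauthenticated caller different answers for an unknown username (`Translator.get("user_not_exist") + username`), for several matches (`"Found multiple users"`) and, via `personRepo.authenticate`, for a wrong password, so the login response reveals which accounts exist in the directory. All three cases should surface the same generic failure to the client, with the specific reason written only to the server log; echoing `username` back in the message is also unnecessary. The page has lost its +/- markers, so this note takes the `try { … } catch (CommunicationException e)` form as the new side. A comment such as `// same message for unknown user and bad password: do not reveal which accounts exist` above the branches would keep the intent visible.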


@ -1,7 +1,11 @@
package io.metersphere.ldap;
import io.metersphere.commons.exception.MSException;
import io.metersphere.commons.utils.LogUtil;
import io.metersphere.ldap.domain.Person;
import org.apache.shiro.realm.ldap.LdapUtils;
import org.springframework.ldap.AuthenticationException;
import org.springframework.ldap.NamingException;
import org.springframework.ldap.core.*;
import org.springframework.ldap.core.support.AbstractContextMapper;
@ -9,10 +13,9 @@ import org.springframework.ldap.query.LdapQuery;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.ldap.LdapContext;
import java.util.List;
import static org.springframework.ldap.query.LdapQueryBuilder.query;
@Service
@ -36,6 +39,38 @@ public class PersonRepoImpl implements PersonRepo {
});
}
public boolean authenticate(String dn, String credentials) {
DirContext ctx = null;
try {
ctx = ldapTemplate.getContextSource().getContext(dn, credentials);
// ldapTemplate.authenticate(dn, credentials);
// Take care here - if a base was specified on the ContextSource
// that needs to be removed from the user DN for the lookup to succeed.
// ctx.lookup(userDn);
return true;
} catch (AuthenticationException e) {
LogUtil.error("ldap authenticate failed..." + e);
System.out.println("Login failed: " + e);
MSException.throwException("用户认证失败!");
return false;
} catch (Exception e) {
// Context creation failed - authentication did not succeed
LogUtil.error("ldap authenticate failed..." + e);
System.out.println("Login failed: " + e);
MSException.throwException("login failed...");
return false;
} finally {
// It is imperative that the created DirContext instance is always closed
LdapUtils.closeContext((LdapContext) ctx);
}
}
public List<Person> getAllPersons() {
ldapTemplate.setIgnorePartialResultException(true);
return ldapTemplate.search(query()
.where("objectclass").is("person"), getContextMapper());
}
@Override
public List findByName(String name) {
ldapTemplate.setIgnorePartialResultException(true);
@ -74,7 +109,9 @@ public class PersonRepoImpl implements PersonRepo {
public Person doMapFromContext(DirContextOperations context) {
Person person = new Person();
person.setCommonName(context.getStringAttribute("cn"));
person.setSuerName(context.getStringAttribute("sn"));
person.setSurName(context.getStringAttribute("sn"));
person.setUsername(context.getStringAttribute("sAMAccountName"));
person.setEmail(context.getStringAttribute("mail"));
return person;
}
}
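Review bot: `authenticate(String dn, String credentials)` hands the password to `getContextSource().getContext(dn, credentials)` without checking that it is non-empty; many directory servers treat a simple bind carrying a DN and an empty password as an unauthenticated bind and report success, in which case this method would return `true`. Unless the caller already rejects blank passwords (not visible here), add a guard before the `try`: `if (credentials == null || credentials.trim().isEmpty()) { MSException.throwException("login failed..."); }`. The two `System.out.println("Login failed: " + e);` lines repeat what `LogUtil.error` already records and should be dropped. The hard-coded `"用户认证失败!"` also bypasses the `Translator` that LdapService uses for its messages.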


@ -3,11 +3,13 @@ package io.metersphere.ldap.domain;
import lombok.Data;
import org.springframework.ldap.odm.annotations.Attribute;
import org.springframework.ldap.odm.annotations.DnAttribute;
import org.springframework.ldap.odm.annotations.Entry;
import org.springframework.ldap.odm.annotations.Id;
import javax.naming.Name;
@Data
@Entry(objectClasses = {"person", "top"})
public class Person {
@Id
@ -17,6 +19,10 @@ public class Person {
@Attribute(name = "cn")
private String commonName;
@Attribute(name = "sn")
private String suerName;
private String userPassword;
private String surName;
@Attribute(name = "sAMAccountName")
private String username;
@Attribute(name = "mail")
private String email;
}