From fbb6fc0277965c9dcfdd81ee78459ee6f3e03a6e Mon Sep 17 00:00:00 2001 From: shiziyuan9527 Date: Wed, 8 Jul 2020 01:02:16 +0800 Subject: [PATCH] ldap --- .../io/metersphere/ldap/dao/PersonRepo.java | 6 +-- .../metersphere/ldap/dao/PersonRepoImpl.java | 45 ++++++++++++------- .../io/metersphere/ldap/domain/Person.java | 3 +- .../metersphere/ldap/service/LdapService.java | 26 ++++++----- .../settings/system/LdapSetting.vue | 1 + 5 files changed, 47 insertions(+), 34 deletions(-) diff --git a/backend/src/main/java/io/metersphere/ldap/dao/PersonRepo.java b/backend/src/main/java/io/metersphere/ldap/dao/PersonRepo.java index d6e4821364..bf0306cefd 100644 --- a/backend/src/main/java/io/metersphere/ldap/dao/PersonRepo.java +++ b/backend/src/main/java/io/metersphere/ldap/dao/PersonRepo.java @@ -1,11 +1,9 @@ package io.metersphere.ldap.dao; -import java.util.List; +import io.metersphere.ldap.domain.Person; public interface PersonRepo { - List findByName(String name); - - String getDnForUser(String name); + Person getDnForUser(String name); } diff --git a/backend/src/main/java/io/metersphere/ldap/dao/PersonRepoImpl.java b/backend/src/main/java/io/metersphere/ldap/dao/PersonRepoImpl.java index 106885bc77..00793de941 100644 --- a/backend/src/main/java/io/metersphere/ldap/dao/PersonRepoImpl.java +++ b/backend/src/main/java/io/metersphere/ldap/dao/PersonRepoImpl.java 
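Review bot: `Person getDnForUser(String name)` in `PersonRepo` no longer returns a DN, and the interface has no Javadoc saying what a caller gets when zero or several entries match. The implementation later in this patch throws when the result size is not exactly one, so that contract should be stated on the interface. Either give the method a name that matches its return type, or document it with something like `/** Returns the single directory entry matching the login name; throws if none or more than one matches. */`.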
@@ -15,12 +15,15 @@ import org.springframework.ldap.core.*; import org.springframework.ldap.core.support.AbstractContextMapper; import org.springframework.ldap.core.support.DefaultDirObjectFactory; import org.springframework.ldap.core.support.LdapContextSource; -import org.springframework.ldap.query.LdapQuery; +import org.springframework.ldap.query.SearchScope; import org.springframework.stereotype.Service; + import javax.annotation.Resource; import javax.naming.directory.DirContext; import javax.naming.ldap.LdapContext; +import java.util.Hashtable; import java.util.List; +import java.util.Map; import static org.springframework.ldap.query.LdapQueryBuilder.query; @@ -62,31 +65,32 @@ public class PersonRepoImpl implements PersonRepo { } @Override - public List findByName(String name) { + public Person getDnForUser(String username) { LdapTemplate ldapTemplate = getConnection(); - LdapQuery query = query().where("cn").is(name); - return ldapTemplate.search(query, getContextMapper()); - } + String filter = getFilter(); - @Override - public String getDnForUser(String uid) { - LdapTemplate ldapTemplate = getConnection(); - List result = ldapTemplate.search( - query().where("cn").is(uid), - new AbstractContextMapper() { - @Override - protected String doMapFromContext(DirContextOperations ctx) { - return ctx.getNameInNamespace(); - } - }); + List result = ldapTemplate.search( + query().filter(filter, username), + getContextMapper()); + + System.out.println(result.toString()); if (result.size() != 1) { throw new RuntimeException(Translator.get("user_not_found_or_not_unique")); } - return result.get(0); } + private String getFilter() { + String filter = service.getValue(ParamConstants.LDAP.FILTER.getValue()); + + if (StringUtils.isBlank(filter)) { + filter = "(sAMAccountName={0})"; + } + + return filter; + } + protected ContextMapper getContextMapper() { return new PersonContextMapper(); } 
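Review bot: `System.out.println(result.toString());` in the new `getDnForUser` (hunk `@@ -62,31 +65,32 @@`) writes the matched directory entries to stdout on every login attempt. Those objects are filled by the mapper with DN, uid and account name, so whatever `Person.toString()` exposes ends up wherever the process output is captured. Remove the line, or log only `result.size()` through the project's logger at debug level. Separately, `getFilter()` accepts any non-blank configured value, and a template saved without the `{0}` placeholder would make the search ignore the login name. Rejecting a filter that does not contain `{0}` before calling `query().filter(filter, username)` would close that gap.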
@@ -95,6 +99,8 @@ public class PersonRepoImpl implements PersonRepo { @Override public Person doMapFromContext(DirContextOperations context) { Person person = new Person(); + person.setDn(context.getNameInNamespace()); + person.setUid(context.getStringAttribute("uid")); person.setCommonName(context.getStringAttribute("cn")); person.setSurName(context.getStringAttribute("sn")); person.setUsername(context.getStringAttribute("sAMAccountName")); @@ -123,6 +129,11 @@ public class PersonRepoImpl implements PersonRepo { sourceLdapCtx.afterPropertiesSet(); LdapTemplate ldapTemplate = new LdapTemplate(sourceLdapCtx); ldapTemplate.setIgnorePartialResultException(true); + Map baseEnv = new Hashtable<>(); + baseEnv.put("com.sun.jndi.ldap.connect.timeout", "3000"); + baseEnv.put("com.sun.jndi.ldap.read.timeout", "3000"); + sourceLdapCtx.setBaseEnvironmentProperties(baseEnv); + ldapTemplate.setDefaultSearchScope(SearchScope.SUBTREE.getId()); // ldapTemplate 是否可用 authenticate(dn, credentials, ldapTemplate); diff --git a/backend/src/main/java/io/metersphere/ldap/domain/Person.java b/backend/src/main/java/io/metersphere/ldap/domain/Person.java index 36205db73f..3da72e1341 100644 --- a/backend/src/main/java/io/metersphere/ldap/domain/Person.java +++ b/backend/src/main/java/io/metersphere/ldap/domain/Person.java @@ -14,7 +14,7 @@ public class Person { @Id private Name id; - @DnAttribute(value="uid",index = 3) + @DnAttribute(value="uid",index = 0) private String uid; @Attribute(name = "cn") private String commonName; @@ -24,5 +24,6 @@ public class Person { private String username; @Attribute(name = "mail") private String email; + private String dn; } \ No newline at end of file diff --git a/backend/src/main/java/io/metersphere/ldap/service/LdapService.java b/backend/src/main/java/io/metersphere/ldap/service/LdapService.java index ee7cd48190..d0d0467a2c 100644 --- a/backend/src/main/java/io/metersphere/ldap/service/LdapService.java 
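Review bot: In the `@@ -123,6 +129,11 @@` hunk the connect and read timeouts are set on `sourceLdapCtx` only after `sourceLdapCtx.afterPropertiesSet()` has already run. As far as I know, Spring LDAP's context source builds and caches its JNDI environment in `afterPropertiesSet()`, so `setBaseEnvironmentProperties(baseEnv)` called afterwards is probably ignored. If so, a login or connection test can still block on an unresponsive directory. Move the four `baseEnv` lines above `afterPropertiesSet()` and confirm the 3000 ms limit with a test against an unreachable host. The enclosing method starts and ends outside the hunk.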
+++ b/backend/src/main/java/io/metersphere/ldap/service/LdapService.java @@ -23,25 +23,27 @@ public class LdapService { String dn = null; String username = request.getUsername(); String credentials = request.getPassword(); - + Person person = null; List personList = null; try { - // select user by sAMAccountName - personList = personRepo.findByName(username); - - if (personList.size() == 1) { - dn = personRepo.getDnForUser(username); - } else if (personList.size() == 0) { - MSException.throwException(Translator.get("user_not_exist") + username); - } else { - MSException.throwException(Translator.get("find_more_user")); - } +// // select user by sAMAccountName +// personList = personRepo.findByName(username); +// +// if (personList.size() == 1) { +// dn = personRepo.getDnForUser(username); +// } else if (personList.size() == 0) { +// MSException.throwException(Translator.get("user_not_exist") + username); +// } else { +// MSException.throwException(Translator.get("find_more_user")); +// } + person = personRepo.getDnForUser(username); + dn = person.getDn(); } catch (CommunicationException e) { MSException.throwException(Translator.get("ldap_connect_fail")); } personRepo.authenticate(dn, credentials); - return personList.get(0); + return person; } public void testConnect(LdapInfo ldap) { diff --git a/frontend/src/business/components/settings/system/LdapSetting.vue b/frontend/src/business/components/settings/system/LdapSetting.vue index 0c710e8a5b..62e4a97fc7 100644 --- a/frontend/src/business/components/settings/system/LdapSetting.vue +++ b/frontend/src/business/components/settings/system/LdapSetting.vue 
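Review bot: `credentials` goes from `request.getPassword()` straight into `personRepo.authenticate(dn, credentials)` with no blank check visible in this hunk. Many directories treat a simple bind with an empty password as an unauthenticated bind that succeeds. Unless the caller or `authenticate` already rejects blank passwords, add a guard before the lookup that throws through `MSException.throwException(...)`. The commented-out `findByName` block and the now unused `personList` local should be deleted rather than kept, since version control already holds the old logic. The method's signature is outside the hunk, so an earlier check may exist that is not shown here.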
@@ -82,6 +82,7 @@
 dn: {required: true, message: this.$t('ldap.input_dn'), trigger: ['change', 'blur']},
 password: {required: true, message: this.$t('ldap.input_password'), trigger: ['change', 'blur']},
 ou: {required: true, message: this.$t('ldap.input_ou'), trigger: ['change', 'blur']},
+ filter: {required: true, message: this.$t('ldap.input_ou'), trigger: ['change', 'blur']}
 },
 loginFormRules: {
 username: {required: true, message: this.$t('ldap.input_username'), trigger: 'blur'},
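Review bot: The new `filter` rule reuses `this.$t('ldap.input_ou')`, so leaving the filter field empty shows the OU prompt instead of one about the filter. It needs its own message key, for example `ldap.input_filter` (a proposed name that would have to be added to the locale files). `required: true` also only checks that something was typed. Because the backend substitutes the login name into `{0}`, a validator that also requires the value to contain `{0}` would catch a misconfigured filter when it is saved. The rules object starts outside the hunk.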