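Flow:
1. The user calls the login endpoint, passing a username and password.
2. The username and password are verified against AD. Once verification passes, information about the current user is returned. (Note: LDAP is an API that ships with Java, so no additional Maven dependency is needed.)
3. Implement your own system's business logic based on the returned user information.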
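    import java.util.Hashtable;
    import javax.naming.AuthenticationException;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestParam;
    import org.springframework.web.bind.annotation.ResponseBody;

    @RequestMapping("/getMsg")
    @ResponseBody
    public String getAllPersonNamesWithTraditionalWay(@RequestParam String username, @RequestParam String password) {
        // JNDI treats a simple bind with an empty password as an anonymous bind,
        // which can succeed without proving identity, so reject it up front.
        if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
            return "login failed";
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // ldap:// carries the bind password in clear text; use ldaps:// outside a lab.
        env.put(Context.PROVIDER_URL, "ldap://192.168.153.129:389/dc=contoso,dc=com");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, username);
        env.put(Context.SECURITY_CREDENTIALS, password);
        DirContext ctx = null;
        String name = "";
        NamingEnumeration<SearchResult> results = null;
        try {
            // Binding as the user is the authentication step; bad credentials
            // raise AuthenticationException here.
            ctx = new InitialDirContext(env);
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // {0} is substituted by JNDI with filter metacharacters escaped,
            // so the username cannot change the structure of the filter.
            results = ctx.search("", "(&(objectclass=person)(userprincipalname={0}))",
                    new Object[] { username }, controls);
            if (results.hasMore()) {
                Attributes attributes = results.next().getAttributes();
                name = attributes.get("userprincipalname").get().toString().split("@")[0];
            }
        } catch (AuthenticationException e) {
            // Log the detail on the server; do not return directory error text to the caller.
            e.printStackTrace();
            return "login failed";
        } catch (NamingException e) {
            // Also covers NameNotFoundException.
            e.printStackTrace();
            return "directory lookup failed";
        } finally {
            if (results != null) {
                try {
                    results.close();
                } catch (Exception e) {
                    // nothing useful to do if closing the enumeration fails
                }
            }
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException e) {
                    // nothing useful to do if closing the context fails
                }
            }
        }
        return name;
    }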
This returns the name field of the logged-in user. Other fields are available as well, as shown in the figure below.
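Added example, not part of the original post: the handler above places the submitted username in an LDAP filter and the password in a simple bind, so both need checking before they reach the directory. The class and method names are hypothetical and the sample inputs are constructed; the code compares a concatenated filter with an RFC 4515 escaped one and rejects the empty password that would make the bind unauthenticated.

```java
public class LdapLoginInputCheck {

    // RFC 4515 escaping for a value placed inside a search filter:
    // each metacharacter becomes a backslash followed by its two hex digits.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // An empty password makes a simple bind unauthenticated (RFC 4513), and the
    // server may accept it, so such input must never reach the bind call.
    static boolean credentialsUsable(String username, String password) {
        return username != null && !username.trim().isEmpty()
                && password != null && !password.isEmpty();
    }

    // Same filter shape as the handler above, with the username escaped.
    static String buildFilter(String username) {
        return "(&(objectclass=person)(userprincipalname=" + escapeFilterValue(username) + "))";
    }

    public static void main(String[] args) {
        // Constructed sample inputs: a normal UPN, a bare wildcard, and a value
        // containing parentheses and a backslash.
        String[] usernames = { "alice@contoso.com", "*", "a)(b\\c" };
        for (String u : usernames) {
            String concatenated = "(&(objectclass=person)(userprincipalname=" + u + "))";
            System.out.println("input        : " + u);
            System.out.println("concatenated : " + concatenated);
            System.out.println("escaped      : " + buildFilter(u));
        }
        System.out.println("empty password usable? " + credentialsUsable("alice@contoso.com", ""));
        System.out.println("normal input usable?   " + credentialsUsable("alice@contoso.com", "S3cret!"));
    }
}
```

With the bare wildcard, the concatenated filter matches every person entry, so the handler would return whichever entry the directory lists first instead of the account that logged in; the escaped filter matches only a literal `*`.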

What the Microsoft AD domain looks like: (I installed Windows Server 2008 R2 in a virtual machine and then installed the AD domain on that system.)

