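- Introduction to LDAP
LDAP is a specialized distributed database optimized for querying, browsing and searching. It organizes data as a tree. Unlike a relational database, it has excellent read performance but poor write performance, and it has no complex features such as transactions or rollback. It is therefore unsuitable for data that changes frequently, and in most cases it is used for lookups.
How LDAP organizes data:
dn: the full location of an entry
dc: the domain an entry belongs to (which tree)
ou: the organization an entry belongs to (which branch)
cn/uid: the name/ID of an entry (the name of which apple)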
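- Using JXplorer
Connecting to LDAP with JXplorer is like connecting to MySQL with Navicat.
Fill in the IP, port, DN, username and password, and you can browse the contents of the directory.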
- Querying data from LDAP
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public String JNDILookup() {
    // Connect to the LDAP directory
    Hashtable<String, Object> env = new Hashtable<>();
    String url = "ldap://xx.xx.xx.xx:389/";
    String searchBase = "OU=xx,DC=xx,DC=xx,DC=com,DC=cn";
    String user = "xxx";
    String password = "xxx";
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); // LDAP factory
    // LDAP authentication level. A simple bind over ldap:// sends the password
    // unencrypted; use ldaps:// or StartTLS outside a test network.
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.PROVIDER_URL, url);
    env.put(Context.SECURITY_PRINCIPAL, user);
    env.put(Context.SECURITY_CREDENTIALS, password);
    env.put("java.naming.ldap.attributes.binary", "objectSid objectGUID");
    LdapContext ctx = null;
    try {
        ctx = new InitialLdapContext(env, null);
        // Search by condition. cn is a fixed value here; a value taken from user
        // input must be escaped (RFC 4515) before it is concatenated into the filter.
        String cn = "xxx";
        String filter = "(&(objectClass=top)(objectClass=organizationalPerson)(cn=" + cn + "))";
        //String filter = "(&(objectClass=top)(objectClass=organizationalPerson))";
        SearchControls searchControls = new SearchControls();
        String[] attrNames = {"cn", "mail"};
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        // Set the attributes to be returned
        searchControls.setReturningAttributes(attrNames);
        // Fixed: the context variable is ctx (the original referenced an undefined ldapCtx)
        NamingEnumeration<SearchResult> search = ctx.search(searchBase, filter, searchControls);
        while (search.hasMore()) {
            SearchResult result = search.next();
            NamingEnumeration<? extends Attribute> attrs = result.getAttributes().getAll();
            while (attrs.hasMore()) {
                Attribute attr = attrs.next();
                System.out.println(attr.getID() + "=====" + attr.get());
            }
            System.out.println("===========");
        }
    } catch (NamingException e) {
        e.printStackTrace();
    } finally {
        if (ctx != null) {
            try {
                ctx.close();
            } catch (NamingException e) {
                // Ignore errors on close
            }
        }
    }
    return "返回信息";
}
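- Using the LdapQueryBuilder wrapper class
Put the LDAP settings in application.yml and assign them through the @Value annotation.
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.LdapContextSource;

@Configuration
public class LdapConfig {
    // GlobalSettings is the project's own class holding the values read from application.yml
    @Autowired
    private GlobalSettings globalSettings;

    @Bean
    @Primary
    public LdapContextSource ldapContextSource() {
        LdapContextSource ldapContextSource = new LdapContextSource();
        ldapContextSource.setUrl(globalSettings.getLdapUrl());
        ldapContextSource.setBase(globalSettings.getLdapBase());
        ldapContextSource.setUserDn(globalSettings.getLdapUser());
        ldapContextSource.setPassword(globalSettings.getLdapPass());
        return ldapContextSource;
    }

    // LdapTemplate: connects to the LDAP directory
    @Bean
    @Primary
    public LdapTemplate ldapTemplate() {
        LdapTemplate ldapTemplate = new LdapTemplate();
        ldapTemplate.setContextSource(ldapContextSource());
        return ldapTemplate;
    }
}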
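After a user enters the login details of an LDAP account in the browser, the application retrieves that user's other attributes. First, inject ldapTemplate.
import java.util.HashMap;
import javax.naming.ldap.LdapName;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.AbstractContextMapper;
import org.springframework.ldap.query.ContainerCriteria;
import org.springframework.ldap.query.LdapQueryBuilder;
import org.springframework.ldap.support.LdapUtils;

@Autowired
private LdapTemplate ldapTemplate;

public HashMap<Object, Object> login(String userid, String password) {
    HashMap<Object, Object> hashMap = new HashMap<>();
    try {
        // Criteria that select the user
        ContainerCriteria containerCriteria = LdapQueryBuilder.query()
                .base(LdapUtils.emptyLdapName())
                .where("objectClass").is("person")
                .and("sAMAccountName").is(userid);
        // Bind as the matched entry with the supplied password; returns the entry's relative DN
        LdapName ldapName = ldapTemplate.authenticate(containerCriteria, password,
                (ctx, ldapEntryIdentification) -> ldapEntryIdentification.getRelativeName());
        // Attributes to read from LDAP
        final String[] ATTRS = {"sAMAccountName", "mail", "name"};
        User lookupedUser = ldapTemplate.lookup(ldapName, ATTRS, new AbstractContextMapper<User>() {
            @Override
            protected User doMapFromContext(DirContextOperations ctx) {
                User user = new User();
                user.setUsername(ctx.getStringAttribute(ATTRS[0]));
                user.setEmail(ctx.getStringAttribute(ATTRS[1]));
                user.setName(ctx.getStringAttribute(ATTRS[2]));
                return user;
            }
        });
        hashMap.put("isSuccess", true);
        hashMap.put("info", lookupedUser.toString());
        return hashMap;
    } catch (Exception e) {
        // Added so the method compiles: the original try block had no catch.
        // Reached when the bind fails or no matching user is found.
        hashMap.put("isSuccess", false);
        return hashMap;
    }
}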
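There is never a shortage of things to learn. I have been feeling this more and more lately: every day brings something new, which is hard to get used to for someone who has not touched new technology in a long time. But there is no way around it; I need to work, and I need to make a living.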