使用网域帐号登录 OA 或者 mail，相信很多公司都是这么做的。
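/**
 * Authenticates a domain user with an LDAP simple bind and loads the user's directory attributes.
 *
 * <p>The supplied credentials are used to bind as {@code userName@shihuangzhe.com}. If the bind
 * succeeds, the directory is searched for the entry whose {@code sAMAccountName} equals
 * {@code userName}, and the first entry that carries attributes is copied into a
 * {@link DomainUserDTO}.
 *
 * @param userName account name, without the domain suffix
 * @param password password for that account
 * @return the populated user, or {@code null} when either argument is blank, the bind or the
 *         search fails, or no matching entry is found
 * @author dsan
 * @throws Exception declared for interface compatibility; bind and search failures are caught,
 *         logged at debug level and reported as a {@code null} result
 */
@Override
public DomainUserDTO login(String userName, String password)
        throws Exception {
    // Blank credentials are rejected before any bind is attempted. This check is security
    // relevant: many directory servers treat a simple bind with an empty password as an
    // unauthenticated bind that succeeds, which would otherwise look like a valid login.
    if (!StringUtils.hasText(userName) || !StringUtils.hasText(password)) {
        return null;
    }

    DomainUserDTO domainUserDTO = null;
    InitialLdapContext ctx = null;
    NamingEnumeration<SearchResult> results = null;
    try {
        // Connection environment for the bind.
        Hashtable<String,String> env = new Hashtable<String,String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
        // NOTE(review): a simple bind over plain ldap:// sends the password unencrypted.
        // The endpoint is deployment specific and is left unchanged here; confirm whether
        // the directory offers ldaps:// or StartTLS and prefer that.
        env.put(Context.PROVIDER_URL, "ldap://192.168.1.1:265");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        // Bind as the user being authenticated (user principal name form).
        env.put(Context.SECURITY_PRINCIPAL, userName+"@shihuangzhe.com");
        env.put(Context.SECURITY_CREDENTIALS, password);

        // Creating the context performs the bind; wrong credentials raise an exception here.
        ctx = new InitialLdapContext(env, null);

        // Match user objects whose account name equals the supplied name. The name comes
        // from the login form, so it is escaped per RFC 4515 before being placed in the
        // filter; unescaped, characters such as '*', '(' and ')' would change the filter.
        String objectClass="user";
        String searchFilter = "(&(objectClass="+objectClass+")(sAMAccountName="
                + escapeLdapFilterValue(userName) + "))";
        // Search the whole shihuangzhe.com domain.
        String searchBase = "DC=shihuangzhe,DC=com";
        // Attributes requested from the directory. "sAMPwd" stays in the list as before, but
        // its value is no longer copied: it was always overwritten by the supplied password.
        String returnedAtts[] = {"objectClass","sAMAccountName","cn","givenName","sn","displayName",
                "description","userPrincipalName","mail","telephoneNumber","userAccountControl","sAMPwd"};

        SearchControls searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchCtls.setReturningAttributes(returnedAtts);

        results = ctx.search(searchBase, searchFilter, searchCtls);
        while (results != null && results.hasMore()) {
            SearchResult entry = results.next();
            Attributes attrs = entry.getAttributes();
            // Skip entries without attributes. The original compared toString() with the
            // literal "No attributes" using !=, which is a reference comparison.
            if (attrs == null || attrs.size() == 0) {
                continue;
            }
            domainUserDTO = new DomainUserDTO();
            domainUserDTO.setObjectClass(lastValue(attrs, "objectClass"));
            domainUserDTO.setSAMAccountName(lastValue(attrs, "sAMAccountName"));
            domainUserDTO.setCn(lastValue(attrs, "cn"));
            domainUserDTO.setGivenName(lastValue(attrs, "givenName"));
            domainUserDTO.setSn(lastValue(attrs, "sn"));
            domainUserDTO.setDisplayName(lastValue(attrs, "displayName"));
            domainUserDTO.setDescription(lastValue(attrs, "description"));
            domainUserDTO.setUserPrincipalName(lastValue(attrs, "userPrincipalName"));
            domainUserDTO.setMail(lastValue(attrs, "mail"));
            domainUserDTO.setTelephoneNumber(lastValue(attrs, "telephoneNumber"));
            domainUserDTO.setUserAccountControl(lastValue(attrs, "userAccountControl"));
            // Only the first usable entry is taken.
            break;
        }

        // No entry found: report a failed login. The original reached the same result by
        // dereferencing null and catching the NullPointerException.
        if (domainUserDTO == null) {
            return null;
        }
        // NOTE(review): the cleartext password is kept on the returned DTO, as in the
        // original. Callers should not log, serialize or store this object in a session
        // with the password still set; consider dropping the field once callers allow it.
        domainUserDTO.setPassword(password);
        return domainUserDTO;
    } catch (Exception e) {
        // Failed binds surface here. NOTE(review): they are logged at debug level only, so
        // repeated failures may not be visible to monitoring; confirm this is intended.
        log.debug("Error DomainUserService login -" +e,e);
        return domainUserDTO;
    } finally {
        // Release the enumeration and the connection on every path; the original never
        // closed either, leaving one LDAP connection open per login attempt.
        if (results != null) {
            try {
                results.close();
            } catch (javax.naming.NamingException ignored) {
                // Best-effort cleanup: the login outcome is already decided.
            }
        }
        if (ctx != null) {
            try {
                ctx.close();
            } catch (javax.naming.NamingException ignored) {
                // Best-effort cleanup: the login outcome is already decided.
            }
        }
    }
}

/**
 * Escapes a value for use inside an LDAP search filter assertion (RFC 4515).
 *
 * @param value raw value, must not be {@code null}
 * @return the value with backslash, asterisk, parentheses and NUL replaced by hex escapes
 */
private static String escapeLdapFilterValue(String value) {
    StringBuilder escaped = new StringBuilder(value.length() + 8);
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        switch (c) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\u0000':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
                break;
        }
    }
    return escaped.toString();
}

/**
 * Returns the last value of the named attribute as a string.
 *
 * @param attrs attribute set of a search result
 * @param name attribute ID to read
 * @return the last value, or an empty string when the attribute is absent, has no values,
 *         or its last value is {@code null}
 * @throws javax.naming.NamingException if the value cannot be retrieved
 */
private static String lastValue(Attributes attrs, String name)
        throws javax.naming.NamingException {
    Attribute attr = attrs.get(name);
    // An attribute with zero values would make get(size() - 1) fail, so treat it as absent.
    if (attr == null || attr.size() == 0) {
        return "";
    }
    Object value = attr.get(attr.size() - 1);
    return value == null ? "" : value.toString();
}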