流程:
1.用户调登录接口,传用户名和密码2.用户名和密码在ad验证,验证通过后,返回当前用户的相关信息。(注:ldap为java自带的api不需要maven引入其他的)3.根据返回的用户信息,实现自己系统的业务逻辑
@RequestMapping("/getMsg")
@ResponseBody
public String getAllPersonNamesWithTraditionalWay(@RequestParam String username,@RequestParam String password) {
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
//ldap://192.168.153.129:389/dc=contoso,dc=com
env.put(Context.PROVIDER_URL, "ldap://192.168.153.129:389/dc=contoso,dc=com");
env.put(Context.SECURITY_PRINCIPAL, username);
env.put(Context.SECURITY_CREDENTIALS, password);
DirContext ctx;
String name="";
NamingEnumeration results = null;
try {
ctx = new InitialDirContext(env);
SearchControls controls = new SearchControls();
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
results = ctx.search("", "(&(objectclass=person)(userprincipalname=" + username+ "))",controls);
SearchResult searchResult = (SearchResult) results.next();
Attributes attributes = searchResult.getAttributes();
name = attributes.get("userprincipalname").get().toString().split("@")[0];
}
catch (AuthenticationException e)
{
String erroMsg= e.toString();
e.printStackTrace();
return erroMsg;
}
catch (NameNotFoundException e) {
String erroMsg= e.toString();
e.printStackTrace();
return erroMsg;
} catch (NamingException e) {
e.printStackTrace();
String erroMsg= e.toString();
return erroMsg;
} finally {
if (results != null) {
try {
results.close();
} catch (Exception e) {
}
}
}
return name;
}
返回了登录用户的name字段。还有其他字段如下图)
微软ad域样子:(我是通过虚拟机安装了windos sever 2008 r2 然后在其系统上,安装了AD域)
