Java Spring Boot 安全性 + Active Directory 属性
我正在使用 Java + Spring Boot Security 为我的 Web 应用程序做身份认证。下面的配置可以正常工作(仅配置,没有问题)。我的问题是:Java Spring Boot 安全性 + Active Directory 属性,java,spring-security,active-directory,Java,Spring Security,Active Directory,我正在使用 Java + Spring Boot Security 为我的 Web 应用程序做身份认证。下面的配置可以正常工作(仅配置,没有问题)。我的问题是: 我可以用这种方式连接到 AD,并从用户的 AD 属性(例如 sAMAccountName、mail)中获取信息吗? 是否可以通过 AD 组来设置页面访问权限? 如果我理解正确,AuthenticationManagerBuilder 的作用就是配置到 AD 的连接。 @Configuration class WebSecurityConfig extends WebSecurityConfigure
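/**
 * Spring Security configuration for the web application: form login, with
 * credentials checked against an LDAP directory (Active Directory) through
 * a read-only manager (service) account.
 */
@Configuration
class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Name of the environment variable that supplies the bind password of the
     * manager account. The password is read at startup instead of being
     * compiled into the class, so it does not end up in source control or in
     * the built artifact. (The variable name is a sample; use whatever secret
     * source the deployment provides.)
     */
    private static final String MANAGER_PASSWORD_ENV = "LDAP_MANAGER_PASSWORD";

    /**
     * Declares which URLs are public and which require a logged-in user.
     *
     * @param http the HTTP security builder supplied by Spring Security
     * @throws Exception if the configuration cannot be applied
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                // Only the landing page and the login/logout endpoints are open.
                .antMatchers("/home", "/logout/**", "/logout-success", "/login/**").permitAll()
                // Everything else needs an authenticated session. No rule here
                // distinguishes users by group yet: any directory user who can
                // log in reaches every remaining page.
                .anyRequest()
                .authenticated()
                .and()
            .formLogin()
                .and()
            .logout()
                .permitAll();
    }

    /**
     * Registers LDAP authentication: users are looked up by sAMAccountName
     * under the user search base, and their groups are looked up by the
     * {@code member} attribute under the group search base.
     *
     * @param authBuilder the authentication manager builder supplied by Spring
     * @throws IllegalStateException if the manager password is not configured
     * @throws Exception if the LDAP authentication provider cannot be built
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder authBuilder) throws Exception {
        String managerPassword = System.getenv(MANAGER_PASSWORD_ENV);
        // An empty password must be rejected as well: many directory servers
        // treat a simple bind with an empty password as an unauthenticated
        // bind and report success.
        if (managerPassword == null || managerPassword.isEmpty()) {
            throw new IllegalStateException(
                "Environment variable " + MANAGER_PASSWORD_ENV + " must hold the LDAP manager password");
        }

        authBuilder
            .ldapAuthentication()
                // {0} is replaced with the login name typed into the form.
                .userSearchFilter("(sAMAccountName={0})")
                .userSearchBase("OU=Active,OU=Users,OU=nsk,DC=regions,DC=office,DC=ru")
                .groupSearchBase("OU=Groups,OU=nsk,DC=regions,DC=office,DC=ru")
                // {0} is replaced with the DN of the authenticated user.
                .groupSearchFilter("member={0}")
                .contextSource()
                    // NOTE(review): ldap:// on port 389 is an unencrypted channel.
                    // The manager bind and every user's login password cross the
                    // network in clear text unless TLS is negotiated. Prefer an
                    // ldaps:// URL (or StartTLS) once the directory's certificate
                    // is trusted by this JVM.
                    .url("ldap://regions.office.ru:389")
                    .managerDn("CN=ldap_user_ro,OU=Service,OU=Users,OU=nsk,DC=regions,DC=office,DC=ru")
                    .managerPassword(managerPassword);
    }
}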
按属性(displayName)搜索域的所有用户
公共类LdapSearch{
公共列表getAllPersonNames(){
Hashtable env=新的Hashtable();
put(Context.INITIAL\u Context\u工厂,“com.sun.jndi.ldap.LdapCtxFactory”);
env.put(Context.PROVIDER\u URL,“ldap://regions.office.ru:389");
env.put(Context.SECURITY\u PRINCIPAL,“CN=ldap\u user\u ro,OU=Service,OU=Users,OU=nsk,DC=regions,DC=office,DC=ru”);
环境put(Context.SECURITY_凭证,“密码”);
dirctx;
试一试{
ctx=新的初始目录上下文(env);
}catch(NamingException | javax.naming.NamingException e){
抛出新的运行时异常(e);
}
列表=新建LinkedList();
NamingEnumeration结果=空;
试一试{
SearchControls=新的SearchControls();
控件.setSearchScope(SearchControls.SUBTREE_范围);
results=ctx.search(“OU=Active,OU=Users,OU=nsk,DC=regions,DC=office,DC=ru”,“(objectclass=user)”,控件);
while(results.hasMore()){
SearchResult SearchResult=(SearchResult)results.next();
Attributes=searchResult.getAttributes();
Attribute attr=attributes.get(“displayName”);
字符串cn=attr.get().toString();
列表.添加(cn);
}
}catch(nameNotFounde异常){
}catch(NamingException | javax.naming.NamingException e){
抛出新的运行时异常(e);
}最后{
如果(结果!=null){
试一试{
结果:关闭();
}捕获(例外e){
}
}
如果(ctx!=null){
试一试{
ctx.close();
}捕获(例外e){
}
}
}
退货清单;
}
}
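/**
 * Reads user display names from the directory over JNDI, binding with a
 * read-only service account.
 */
public class LdapSearch {

    /**
     * Name of the environment variable that supplies the bind password of the
     * service account, so the secret is not compiled into the class. (The
     * variable name is a sample; use whatever secret source the deployment
     * provides.)
     */
    private static final String MANAGER_PASSWORD_ENV = "LDAP_MANAGER_PASSWORD";

    /**
     * Returns the {@code displayName} of every {@code user} object found in
     * the subtree below the active-users OU.
     *
     * <p>Entries without a {@code displayName} value are skipped. If the search
     * base does not exist, an empty list is returned.
     *
     * @return the display names found, possibly empty, never {@code null}
     * @throws IllegalStateException if the bind password is not configured
     * @throws RuntimeException wrapping the JNDI exception if the bind or the
     *     search fails
     */
    public List<String> getAllPersonNames() {
        String managerPassword = System.getenv(MANAGER_PASSWORD_ENV);
        // Reject an empty password too: a simple bind with an empty password is
        // treated by many servers as an unauthenticated bind that "succeeds".
        if (managerPassword == null || managerPassword.isEmpty()) {
            throw new IllegalStateException(
                "Environment variable " + MANAGER_PASSWORD_ENV + " must hold the LDAP bind password");
        }

        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // NOTE(review): ldap:// on port 389 is unencrypted, so the bind DN and
        // password below travel in clear text. Prefer an ldaps:// URL (or
        // StartTLS) once the directory's certificate is trusted by this JVM.
        env.put(Context.PROVIDER_URL, "ldap://regions.office.ru:389");
        env.put(Context.SECURITY_PRINCIPAL, "CN=ldap_user_ro,OU=Service,OU=Users,OU=nsk,DC=regions,DC=office,DC=ru");
        env.put(Context.SECURITY_CREDENTIALS, managerPassword);

        DirContext ctx;
        try {
            ctx = new InitialDirContext(env);
        } catch (javax.naming.NamingException e) {
            throw new RuntimeException(e);
        }

        List<String> names = new LinkedList<>();
        NamingEnumeration<SearchResult> results = null;
        try {
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // Ask the server for the one attribute that is used, instead of
            // pulling every readable attribute of every user object.
            controls.setReturningAttributes(new String[] {"displayName"});
            // The filter is a constant. If it is ever built from user input,
            // use the ctx.search overload that takes filter arguments so the
            // values are escaped.
            // NOTE(review): Active Directory usually caps a single unpaged
            // search (commonly at 1000 entries); a larger OU would surface here
            // as a wrapped size-limit exception. Confirm against the domain.
            results = ctx.search(
                "OU=Active,OU=Users,OU=nsk,DC=regions,DC=office,DC=ru", "(objectclass=user)", controls);
            while (results.hasMore()) {
                SearchResult entry = results.next();
                Attribute displayName = entry.getAttributes().get("displayName");
                // Service or incomplete accounts may have no displayName;
                // without this guard the loop dies with a NullPointerException.
                if (displayName == null || displayName.size() == 0) {
                    continue;
                }
                Object value = displayName.get();
                if (value != null) {
                    names.add(value.toString());
                }
            }
        } catch (NameNotFoundException ignored) {
            // Deliberate: a missing search base is reported as "no users".
        } catch (javax.naming.NamingException e) {
            throw new RuntimeException(e);
        } finally {
            if (results != null) {
                try {
                    results.close();
                } catch (Exception ignored) {
                    // Best-effort cleanup; nothing useful can be done here.
                }
            }
            try {
                ctx.close();
            } catch (Exception ignored) {
                // Best-effort cleanup; nothing useful can be done here.
            }
        }
        return names;
    }
}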