ldap spring 管理

d3c6decd · suntao · 2ec4b63e · d3c6decd · d3c6decd · d3c6decd
Commit d3c6decd authored Jan 11, 2021 by suntao
3 changed files
--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/IldapAuthentication.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/IldapAuthentication.java
+package cn.quantgroup.cashloanflowboss.api.login.service;
+
+public interface IldapAuthentication {
+    boolean authenricate(String username, String password);
+}
--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/login/auth/LDAPAuthentication.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/login/auth/LDAPAuthentication.java
-package cn.quantgroup.cashloanflowboss.api.login.auth;
+package cn.quantgroup.cashloanflowboss.api.login.service;

 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.exception.ExceptionUtils;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.stereotype.Component;

 import javax.naming.AuthenticationException;
 import javax.naming.Context;
@@ -15,22 +18,32 @@ import javax.naming.ldap.LdapContext;
 import java.util.Hashtable;

 @Slf4j
-public class LDAPAuthentication {
-    private final String URL = "ldap://ldap.quantgroups.com:389/";
-    private final String BASEDN = "ou=北京量科邦信息技术有限公司,dc=quantgroup,dc=cn";
-    private final String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
+@Component
+public class LdapAuthentication implements IldapAuthentication, CommandLineRunner {
    private LdapContext ctx = null;
    private final Control[] connCtls = null;

+    @Value("${ldap.base:ou=北京量科邦信息技术有限公司,dc=quantgroup,dc=cn}")
+    private String BASEDN;
+
+    @Value("${ldap.host:ldap://ldap.quantgroups.com:389/}")
+    private String URL;
+
+    @Value("${ldap.manage.pwd}")
+    private String password;
+
+    @Value("${ldap.root:cn=common_auth_query,cn=users,DC=quantgroup,DC=cn}")
+    private String root;
+
+
    private void ldapConnect() {
        Hashtable<String, String> env = new Hashtable<String, String>();
-        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
+        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL+BASEDN);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");

-        String root = "cn=common_auth_query,cn=users,DC=quantgroup,DC=cn";// root
        env.put(Context.SECURITY_PRINCIPAL, root);
-        env.put(Context.SECURITY_CREDENTIALS, "Quantgroup.com@2o17");
+        env.put(Context.SECURITY_CREDENTIALS, password);
        // 此处若不指定用户名和密码,则自动转换为匿名登录
        try {
            ctx = new InitialLdapContext(env, connCtls);
@@ -73,15 +86,16 @@ public class LDAPAuthentication {
        return userDN;
    }

-    public boolean authenricate(String uid, String password) {
+    @Override
+    public boolean authenricate(String username, String password) {
        boolean valide = false;
-        String userDN = getUserDN(uid);
+        String userDN = getUserDN(username);

        try {
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(connCtls);
-            log.info("验证通过,uid={}", uid);
+            log.info("验证通过,uid={}", username);
            valide = true;
        } catch (AuthenticationException e) {
            log.error("异常：{}", ExceptionUtils.getStackTrace(e));
@@ -95,4 +109,8 @@ public class LDAPAuthentication {
        return valide;
    }

+    @Override
+    public void run(String... strings) throws Exception {
+        ldapConnect();
+    }
 }
\ No newline at end of file
--- a/src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/LoginServiceImpl.java
+++ b/src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/LoginServiceImpl.java
 package cn.quantgroup.cashloanflowboss.api.login.service;

 import cn.quantgroup.cashloanflowboss.api.login.auth.ApiAuthService;
-import cn.quantgroup.cashloanflowboss.api.login.auth.LDAPAuthentication;
 import cn.quantgroup.cashloanflowboss.api.login.auth.model.LoginUser;
 import cn.quantgroup.cashloanflowboss.api.login.model.Principal;
 import cn.quantgroup.cashloanflowboss.api.role.entity.Role;
@@ -11,15 +10,12 @@ import cn.quantgroup.cashloanflowboss.api.user.dictionary.UserStatus;
 import cn.quantgroup.cashloanflowboss.api.user.entity.User;
 import cn.quantgroup.cashloanflowboss.api.user.model.UserInfo;
 import cn.quantgroup.cashloanflowboss.api.user.service.UserService;
-import cn.quantgroup.cashloanflowboss.core.Application;
 import cn.quantgroup.cashloanflowboss.core.base.Tuple;
 import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationDictionary;
 import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationStatus;
-import cn.quantgroup.cashloanflowboss.spi.model.JsonResult;
 import cn.quantgroup.cashloanflowboss.utils.IpUtil;
 import cn.quantgroup.cashloanflowboss.utils.MD5Tools;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.data.redis.core.ValueOperations;
@@ -29,7 +25,6 @@ import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 import java.util.Date;
-import java.util.UUID;

 /**
 * Created by WeiWei on 2019/7/22.
@@ -50,6 +45,9 @@ public class LoginServiceImpl implements LoginService {
    @Autowired
    private ApiAuthService apiAuthService;

+    @Autowired
+    private IldapAuthentication ldapAuthentication;
+
    @Autowired
    private RoleRepository roleRepository;

@@ -81,7 +79,7 @@ public class LoginServiceImpl implements LoginService {
 //            JsonResult<LoginUser> result = apiAuthService.autoLogin(username + "@quantgroup.cn", password, "KA_MA");
 //            if (!result.isSuccess() || result.getData() == null) {
 //                log.info("登陆失败，username={}, msg={}", username, result.getMessage());
-//                return new Tuple<>(ApplicationStatus.INVALID_USER, "");
+//                return new Tuple<>(ApplicationStatus.USERNAME_OR_PASSWORD_ERROR, "");
 //            } else {
 //                LoginUser data = result.getData();
 //                Role role = roleRepository.getByName("量化派操作员");
@@ -95,7 +93,6 @@ public class LoginServiceImpl implements LoginService {
 //                user.setStatus(UserStatus.ENABLED);
 //            }

-            LDAPAuthentication ldapAuthentication = new LDAPAuthentication();
            boolean b = ldapAuthentication.authenricate(username, password);
            if (b) {
                LoginUser data = new LoginUser();
@@ -110,7 +107,7 @@ public class LoginServiceImpl implements LoginService {
                user.setStatus(UserStatus.ENABLED);
            } else {
                log.info("登陆失败，username={}, msg={}", username, "ldap失败");
-                return new Tuple<>(ApplicationStatus.REENTRY_LOCK_EXCEPTION, "");
+                return new Tuple<>(ApplicationStatus.USERNAME_OR_PASSWORD_ERROR, "");
            }

        }