spring-boot对接ldap实现crud

发布时间 2023-04-14 15:18:54作者: Nichols1205

之前查了很多通过java对接ldap的资料,很多都讲得不太容易理解,现在写一篇文章记录一下对接ldap的过程。

1.创建spring-boot项目,pom文件添加依赖

<!--    LDAP dependency: Spring Boot starter for Spring Data LDAP    -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-ldap</artifactId>
        </dependency>

2.添加连接配置信息

在application.properties配置文件中添加以下内容:

# NOTE(review): ldap:// on port 389 is unencrypted unless StartTLS is negotiated, so the
# bind DN and password below would cross the network in clear text. Prefer an ldaps:// URL
# (or StartTLS) anywhere outside an isolated lab network.
spring.ldap.urls=ldap://*.*.*.*:389
# NOTE(review): this binds as the directory admin. A dedicated service account whose rights
# are limited to the subtree the application manages keeps a compromise of the application
# from becoming a compromise of the whole directory.
spring.ldap.username=cn=admin,dc=example,dc=com
# Placeholder value. Keep the real bind password out of version control, for example by
# supplying it through an environment variable or a secrets store instead of this file.
spring.ldap.password=password
# Base DN; the DNs built in the test methods of this article are relative to it.
spring.ldap.base=dc=example,dc=com

 

3.创建model层对象(新添加的对象)

package com.nichols.fabric_ca_ldap.model;

import org.springframework.ldap.odm.annotations.Attribute;
import org.springframework.ldap.odm.annotations.Entry;
import org.springframework.ldap.odm.annotations.Id;

import javax.naming.Name;

/**
 * Spring LDAP ODM mapping for a directory entry of object class {@code inetOrgPerson}.
 *
 * <p>Every annotated field is bound to the LDAP attribute named in its {@code @Attribute}.
 * Note that {@code publicKey} is not stored under an attribute of that name: it is mapped
 * onto the entry's {@code description} attribute.
 *
 * @author nichols
 * @date 2023/4/12 17:14
 */
@Entry(objectClasses = {"inetOrgPerson"})
public class PowerUser {

    /** Distinguished name of the entry; the tests build it relative to the configured base. */
    @Id
    private Name dn;

    /** Common name, LDAP attribute {@code cn}. */
    @Attribute(name = "cn")
    private String cn;

    /** Surname, LDAP attribute {@code sn}. */
    @Attribute(name = "sn")
    private String sn;

    /** User identifier, LDAP attribute {@code userId}. */
    @Attribute(name = "userId")
    private String userId;

    /** Public key text, persisted in the LDAP attribute {@code description}. */
    @Attribute(name = "description")
    private String publicKey;

    /** Creates an empty instance whose fields are filled in through the setters. */
    public PowerUser() {
    }

    /**
     * Creates an instance without a DN or surname.
     *
     * @param cn        common name
     * @param userId    user identifier
     * @param publicKey public key text
     */
    public PowerUser(String cn, String userId, String publicKey) {
        this.cn = cn;
        this.userId = userId;
        this.publicKey = publicKey;
    }

    /**
     * Creates a fully populated instance.
     *
     * @param dn        distinguished name of the entry
     * @param cn        common name
     * @param sn        surname
     * @param userId    user identifier
     * @param publicKey public key text
     */
    public PowerUser(Name dn, String cn, String sn, String userId, String publicKey) {
        this.dn = dn;
        this.cn = cn;
        this.sn = sn;
        this.userId = userId;
        this.publicKey = publicKey;
    }

    /** @return the distinguished name */
    public Name getDn() {
        return dn;
    }

    /** @param dn the distinguished name to set */
    public void setDn(Name dn) {
        this.dn = dn;
    }

    /** @return the common name */
    public String getCn() {
        return cn;
    }

    /** @param cn the common name to set */
    public void setCn(String cn) {
        this.cn = cn;
    }

    /** @return the surname */
    public String getSn() {
        return sn;
    }

    /** @param sn the surname to set */
    public void setSn(String sn) {
        this.sn = sn;
    }

    /** @return the user identifier */
    public String getUserId() {
        return userId;
    }

    /** @param userId the user identifier to set */
    public void setUserId(String userId) {
        this.userId = userId;
    }

    /** @return the public key text */
    public String getPublicKey() {
        return publicKey;
    }

    /** @param publicKey the public key text to set */
    public void setPublicKey(String publicKey) {
        this.publicKey = publicKey;
    }

    /**
     * Renders all five fields for diagnostics; unset fields appear as {@code null}.
     *
     * @return a single-line description of this object
     */
    @Override
    public String toString() {
        StringBuilder text = new StringBuilder();
        text.append("PowerUser{");
        text.append("dn=").append(dn);
        text.append(", cn='").append(cn).append('\'');
        text.append(", sn='").append(sn).append('\'');
        text.append(", userId='").append(userId).append('\'');
        text.append(", publicKey='").append(publicKey).append('\'');
        text.append('}');
        return text.toString();
    }
}

对于我这里使用的objectClass(inetOrgPerson)而言,dn、cn和sn是必须的,且对象中定义的属性必须是inetOrgPerson类型具有的属性。@Entry注解是必须的,objectClasses至少要指定一个;由于第二步已经在配置信息中指定了base,这里不再添加base信息。要判断所用的objectClass具有哪些属性,可以通过phpLDAPadmin的web端查看,也可以通过ldap管理工具查看,以下为一个示例:

 

 

 如果想添加自定义属性可以去搜一下如何创建自定义对象。

4.创建service层,创建service类

package com.nichols.fabric_ca_ldap.service;


import com.nichols.fabric_ca_ldap.model.PowerUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.stereotype.Service;

import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;

import static org.springframework.ldap.query.LdapQueryBuilder.query;

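/**
 * CRUD facade over {@link LdapTemplate} for {@link PowerUser} entries.
 *
 * <p>NOTE(review): every call runs with the rights of the account the template binds as
 * (the configuration in this article binds as the directory admin), and nothing in this
 * class checks who is asking. Callers are expected to authorize the request before
 * invoking {@link #update} or {@link #delete}.
 *
 * @author nichols
 * @date 2023/4/11 16:52
 */
@Service
public class LDAPService {

    @Autowired
    private LdapTemplate ldapTemplate;

    /**
     * Creates a new directory entry from the given object.
     *
     * @param powerUser the entry to create; its DN and mapped attributes are written as given
     * @return the literal string {@code "ok"} once the template call has returned
     */
    public String addInfoToLDAP(PowerUser powerUser) {
        ldapTemplate.create(powerUser);
        return "ok";
    }

    /**
     * Looks up a single entry by its {@code cn} attribute.
     *
     * @param cn the common name to match
     * @return the matching entry
     */
    public PowerUser findByCn(String cn) {
        // The value is handed to the query builder instead of being concatenated into a
        // filter string, so filter metacharacters in cn are encoded by Spring LDAP.
        // NOTE(review): findOne is documented to throw when zero or several entries
        // match; confirm callers handle that rather than expecting null.
        return ldapTemplate.findOne(query().where("cn").is(cn), PowerUser.class);
    }

    /**
     * Writes the given object back to the directory.
     *
     * @param powerUser the entry to update, identified by its DN
     * @return the same object that was passed in
     */
    public PowerUser update(PowerUser powerUser) {
        ldapTemplate.update(powerUser);
        return powerUser;
    }

    /**
     * Removes the given entry from the directory.
     *
     * @param powerUser the entry to delete, identified by its DN
     * @return the same object that was passed in
     */
    public PowerUser delete(PowerUser powerUser) {
        ldapTemplate.delete(powerUser);
        return powerUser;
    }

    /**
     * Builds a raw attribute set for the given user.
     *
     * <p>Not called anywhere in this class. NOTE(review): the object class
     * {@code powerUser} and the attribute {@code publicKey} used here differ from the
     * {@code inetOrgPerson} / {@code description} mapping declared on {@link PowerUser};
     * confirm which schema is intended before putting this helper to use.
     *
     * @param powerUser source of the attribute values
     * @return attributes holding both object classes plus cn, userId and publicKey
     */
    private Attributes getAttributes(PowerUser powerUser) {
        BasicAttributes attributes = new BasicAttributes();
        // put(String, Object) replaces an existing attribute with the same id, so a second
        // put("objectClass", ...) would silently drop "top". Add the second value to the
        // attribute that is already present instead.
        attributes.put("objectClass", "top");
        attributes.get("objectClass").add("powerUser");
        attributes.put("cn", powerUser.getCn());
        attributes.put("userId", powerUser.getUserId());
        attributes.put("publicKey", powerUser.getPublicKey());
        return attributes;
    }

}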

5.编写测试方法

   @Test
    void testAddLDAP() {
        // Creates one entry and prints the service's return value.
        PowerUser entry = new PowerUser();
        // A full DN would normally be required; because the configuration already sets the
        // base path, the DN here stops one level below the base.
        entry.setDn(LdapNameBuilder.newInstance("cn=powerUser2,ou=org1").build());
        entry.setCn("powerUser2"); // must match the cn used in the DN above
        entry.setSn("PowerUserSn"); // surname value
        entry.setUserId("powerUser2"); // attribute value
        entry.setPublicKey("test"); // attribute value
        String result = ldapService.addInfoToLDAP(entry); // add the user
        System.out.println(result);
        System.out.println("success");
    }

    @Test
    void testQueryLDAP() {
        // Looks up two users by cn and prints each result, separated by a dashed line.
        PowerUser first = ldapService.findByCn("powerUser1");
        System.out.println(first);
        PowerUser second = ldapService.findByCn("powerUser2");
        System.out.println("------------");
        System.out.println(second);
    }

    @Test
    void testUpdateLDAP() {
        // To update a user, keep cn and dn the same as the stored entry and change only
        // the other attribute values.
        PowerUser changed = new PowerUser();
        changed.setDn(LdapNameBuilder.newInstance("cn=powerUser2,ou=org1").build());
        changed.setCn("powerUser2");
        changed.setSn("PowerUserSn");
        changed.setUserId("powerUser3");
        changed.setPublicKey("testUpdate");
        PowerUser returned = ldapService.update(changed);
        System.out.println(returned);
    }

    @Test
    void testDeleteLDAP() {
        // Only the DN is set: the entry to remove is identified by its DN.
        PowerUser target = new PowerUser();
        target.setDn(LdapNameBuilder.newInstance("cn=powerUser2,ou=org1").build());
        PowerUser removed = ldapService.delete(target);
        System.out.println(removed);
    }

 对接完成。