1、pom引入依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-ldap</artifactId>
</dependency>
2、创建一个资源类LdapRepository
首先需要创建一个实体
@Data public class LdapServer { /** * ldap服务器 */ @NotBlank private String url; /** * 端口 */ @NotBlank private Integer port; /** * 基础域 */ @NotBlank private String baseDN; /** * 用户名 */ @NotBlank private String userName; /** * 密码 */ @NotBlank private String password; }
建立连接:
private LdapTemplate ldapTemplate;
/** * 使用前必须先连接 * * @param server */ public LdapRepository connect(LdapServer server) { if(server.getUrl().contains("ldaps")){ SSLLdapContextSource contextSource = new SSLLdapContextSource(); contextSource.setUrl(server.getUrl() + ":" + server.getPort()); contextSource.setUserDn(server.getUserName()); contextSource.setPassword(server.getPassword()); contextSource.setPooled(false); contextSource.setBase(server.getBaseDN()); contextSource.afterPropertiesSet(); contextSource.setReferral("follow"); // 设置连接超时时间 3s Map<String, Object> envProperties = new HashMap<>(); envProperties.put("com.sun.jndi.ldap.connect.timeout", "3000"); envProperties.put("com.sun.jndi.ldap.read.timeout", "3000"); contextSource.setBaseEnvironmentProperties(envProperties); ldapTemplate = new LdapTemplate(contextSource); }else { LdapContextSource contextSource = new LdapContextSource(); contextSource.setUrl(server.getUrl() + ":" + server.getPort()); contextSource.setUserDn(server.getUserName()); contextSource.setPassword(server.getPassword()); contextSource.setPooled(false); contextSource.setBase(server.getBaseDN()); contextSource.afterPropertiesSet(); // important contextSource.setReferral("follow"); // 设置连接超时时间 3s Map<String,Object> envProperties = new HashMap<>(); envProperties.put("com.sun.jndi.ldap.connect.timeout","3000"); envProperties.put("com.sun.jndi.ldap.read.timeout","3000"); contextSource.setBaseEnvironmentProperties(envProperties); ldapTemplate = new LdapTemplate(contextSource); } ldapTemplate.setIgnorePartialResultException(true); return this; }
测试认证连接:
public void authenticate(String username, String password) { ldapTemplate.getContextSource().getContext(username, password); }
一次查询所有人员:
/** * 查询所有人员 */ public List findAll(LdapQuery ldapQuery) { List<BasicAttributes> basicAttributesList = (List) ldapTemplate.search(ldapQuery, new AttributesMapper<Object>() { @Override public Object mapFromAttributes(Attributes attributes) throws NamingException { BasicAttributes basicAttributes = (BasicAttributes) attributes; return basicAttributes; } }); return basicAttributesList; }
如果数据量太大,需要使用分页查询:
public List<BasicAttributes> findAllPageNew(LdapQuery ldapQuery) { String searchFilter = "(&(objectClass=person)(!(objectclass=computer)))"; List<BasicAttributes> attributesList = new ArrayList<>(); ldapTemplate.setIgnorePartialResultException(true); SearchControls searchControls = new SearchControls(); /** * 0:OBJECT_SCOPE,搜索指定的命名对象。 * 1:ONELEVEL_SCOPE,只搜索指定命名对象的一个级别,这是缺省值。 * 2:SUBTREE_SCOPE,搜索以指定命名对象为根结点的整棵树 */ searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); // 每次查询条数:默认1000条 PagedResultsDirContextProcessor processor = new PagedResultsDirContextProcessor(1000); //返回的参数 AttributesMapper CN_ATTRIBUTES_MAPPER = attributes -> { BasicAttributes basicAttributes = (BasicAttributes) attributes; return basicAttributes; }; do { List<BasicAttributes> searchList = (List) ldapTemplate.search("", searchFilter, searchControls, CN_ATTRIBUTES_MAPPER, processor); attributesList.addAll(searchList); } while(processor.hasMore()); return attributesList; }