
集成ldap 验证ad域

Min 2 tahun lalu
induk
melakukan
32d2fce4e2

+ 7 - 0
fhKeeper/formulahousekeeper/management-platform/pom.xml

@@ -185,6 +185,13 @@
             <version>0.1.55</version>
         </dependency>
 
+        <!--ladp集成 AD域认证-->
+        <dependency>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-data-ldap</artifactId>
+        <version>2.3.12.RELEASE</version>
+        </dependency>
+
         <dependency>
             <groupId>com.aliyun</groupId>
             <artifactId>dysmsapi20170525</artifactId>
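Review bot: The new starter carries its own `<version>2.3.12.RELEASE</version>`, which can pull in Spring LDAP and Spring Data versions that differ from the rest of the Spring Boot stack if the Boot version is managed elsewhere in this pom (not visible in the hunk). If a Boot parent or BOM is in use, drop the `<version>` element so the managed version applies; otherwise reference the same version property the other Boot starters use. The child elements of the new `<dependency>` are indented at the same level as the tag itself, unlike the neighbouring entries, and the comment spells `ladp` for `ldap`.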

+ 40 - 0
fhKeeper/formulahousekeeper/management-platform/src/main/java/com/management/platform/config/LdapConfig.java

@@ -0,0 +1,40 @@
+package com.management.platform.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.ldap.core.support.LdapContextSource;
+
+@Configuration
+public class LdapConfig {
+    @Value("${spring.ldap.urls}")
+    private String ldapUrl;
+    @Value("${spring.ldap.username}")
+    private String userName;
+    @Value("${spring.ldap.password}")
+    private String passWord;
+    @Value("${spring.ldap.base}")
+    private String base;
+
+
+
+    @Bean
+    public LdapContextSource ldapContextSource(){
+        LdapContextSource source = new LdapContextSource();
+        source.setBase(base);
+        source.setUrl(ldapUrl);
+        source.setPassword(passWord);
+        source.setUserDn(userName);
+        source.setReferral("follow");
+        return source;
+    }
+
+    @Bean
+    public LdapTemplate ldapTemplate(){
+        return new LdapTemplate(ldapContextSource());
+    }
+
+
+}
+
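Review bot: `source.setReferral("follow")` in `ldapContextSource()` makes the context chase any referral the directory returns, and the JNDI provider normally re-binds to the referred host with the same service-account DN and password, so those credentials can be presented to servers other than the one named in `spring.ldap.urls`. If referral chasing is only there to avoid partial-result errors on a domain-root search, a narrower `base` or `ldapTemplate.setIgnorePartialResultException(true)` removes the need for it. If it has to stay, say why in a comment, e.g. `// follow: AD returns referrals for domain-root searches; the bind is repeated against the referred host`. The class also has no Javadoc; one line saying it builds the bind context from `spring.ldap.*` would help, and the field `passWord` would conventionally be `password`.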

+ 16 - 0
fhKeeper/formulahousekeeper/management-platform/src/main/java/com/management/platform/controller/UserController.java

@@ -10,7 +10,10 @@ import com.management.platform.service.FeishuInfoService;
 import com.management.platform.service.UserService;
 import com.management.platform.util.HttpRespMsg;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.ldap.filter.EqualsFilter;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
@@ -39,6 +42,9 @@ public class UserController {
     @Resource
     private HttpServletRequest request;
 
+    @Resource
+    private LdapTemplate ldapTemplate;
+
     @Resource
     private FeishuInfoService feishuInfoService;
 
@@ -300,5 +306,15 @@ public class UserController {
         return httpRespMsg;
     }
 
+
+    @RequestMapping(value = "/testLdap4", method = RequestMethod.GET)
+    public HttpRespMsg testLdap4(@RequestParam String username, @RequestParam String passWord) {
+        EqualsFilter filter = new EqualsFilter("sAMAccountName", username);
+        boolean res =  ldapTemplate.authenticate("",filter.toString(), passWord);
+        HttpRespMsg httpRespMsg=new HttpRespMsg();
+        httpRespMsg.setMsg(res==true?"验证成功":"验证失败");
+        return httpRespMsg;
+    }
+
 }
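Review bot: `testLdap4` is mapped with `method = RequestMethod.GET` and takes `passWord` as a `@RequestParam`, so a directory password travels in the query string and is likely to be recorded in access logs, proxy logs and browser history. The name suggests a debugging endpoint; if it is meant to stay, accept the credentials in a POST body, `@RequestMapping(value = "/testLdap4", method = RequestMethod.POST)`, and confirm it sits behind the application's authentication, which this hunk does not show. It also repeats the filter-and-bind code this commit adds as `UserService.ldapAuth`, so the body could delegate to the service rather than hold its own `LdapTemplate`. `res==true?` can be written `res ?`.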
 

+ 2 - 0
fhKeeper/formulahousekeeper/management-platform/src/main/java/com/management/platform/service/UserService.java

@@ -90,4 +90,6 @@ public interface UserService extends IService<User> {
     ModelAndView loginByWXCode(String code, String state);
 
     HttpRespMsg areaData(String token);
+
+    boolean ldapAuth(String username, String passWord);
 }
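Review bot: `ldapAuth` is added to the interface with no documentation of its contract. A short Javadoc would help callers, e.g. `/** Returns true when a directory bind succeeds for the account whose sAMAccountName equals username. */`, and it is the natural place to state how a blank password is treated. The parameter name `passWord` would conventionally be `password`.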

+ 11 - 0
fhKeeper/formulahousekeeper/management-platform/src/main/java/com/management/platform/service/impl/UserServiceImpl.java

@@ -32,6 +32,8 @@ import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.*;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.ldap.filter.EqualsFilter;
 import org.springframework.stereotype.Service;
 import org.springframework.util.StringUtils;
 import org.springframework.web.client.RestTemplate;
@@ -187,6 +189,9 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
     @Resource
     private ParticipationService participationService;
 
+    @Resource
+    private LdapTemplate ldapTemplate;
+
     public static String provider_access_token = null;
     public static long providerTokenExpireTime = 0L;
     //登录网页端
@@ -2902,4 +2907,10 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
         httpRespMsg.data = areas;
         return httpRespMsg;
     }
+
+    @Override
+    public boolean ldapAuth(String username, String passWord) {
+        EqualsFilter filter = new EqualsFilter("sAMAccountName",username);
+        return ldapTemplate.authenticate("",filter.toString(),passWord);
+    }
 }
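Review bot: `ldapAuth` forwards `passWord` to `ldapTemplate.authenticate` without checking that it is non-empty. An LDAP simple bind with an empty password is an unauthenticated bind, which a directory may accept depending on its policy, and in that case this method would return true for any existing `sAMAccountName`. A guard before the bind closes that off: `if (!StringUtils.hasText(passWord)) return false;` (`StringUtils` is already imported in this file); the same unguarded call is in `UserController.testLdap4`. The three-argument `authenticate` also reports every failure as `false`, so the overload taking an `AuthenticationErrorCallback` is worth considering if failed binds should be logged for monitoring (never the password itself).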

+ 13 - 0
fhKeeper/formulahousekeeper/management-platform/src/main/resources/application.yml

@@ -50,6 +50,17 @@ spring:
   messages:
     basename: i18n.messages #配置国际化资源文件路径
     encoding: UTF-8
+
+  ##AD认证
+  ldap:
+    ##AD服务器IP,默认端口389
+    urls: ldap://192.168.2.18:389
+    ##登录账号
+    username: huliangpeng@huoshi.cn
+    ##密码
+    password: Hlp123456
+    #distinguishedName的部分节点
+    base: DC=huoshi,DC=cn
 ##########日志配置
 logging:
   level:
@@ -118,6 +129,8 @@ management:
   health:
     redis:
       enabled: false
+    ldap:
+      enabled: false
 
 referer:
   refererDomain:
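Review bot: The `spring.ldap.username` and `spring.ldap.password` values added here are a directory account and its password committed in clear text, so anyone with repository access can bind to the directory, and the value remains in history after a later edit. Read them from the environment or a secret store instead, e.g. `password: ${LDAP_BIND_PASSWORD}` (placeholder name), and rotate the exposed password. The account looks like a personal user rather than a dedicated read-only bind account, which is worth confirming. The `ldap://` URL on port 389 also means binds, including the end-user passwords checked through `ldapAuth`, cross the network unencrypted unless StartTLS is configured elsewhere; an `ldaps://` URL is the simpler fix.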