support AD LDAP

2026-01-03 19:38:20 +08:00 · 2021-03-05 14:45:54 +08:00
parent e351ce7411
commit 411ee55653
2 changed files with 14 additions and 3 deletions
--- a/kafka-manager-common/src/main/java/com/xiaojukeji/kafka/manager/common/utils/ldap/LDAPAuthentication.java
+++ b/kafka-manager-common/src/main/java/com/xiaojukeji/kafka/manager/common/utils/ldap/LDAPAuthentication.java
@@ -1,5 +1,6 @@
 package com.xiaojukeji.kafka.manager.common.utils.ldap;

+import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;

@@ -25,6 +26,9 @@ public class LDAPAuthentication {
    @Value(value = "${ldap.factory}")
    private String ldapFactory;

+    @Value(value = "${ldap.filter}")
+    private String ldapfilter;
+
    @Value(value = "${ldap.auth-user-registration-role}")
    private String authUserRegistrationRole;

@@ -61,7 +65,9 @@ public class LDAPAuthentication {
        try {
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
-            NamingEnumeration<SearchResult> en = ctx.search("", "account=" + account, constraints);
+            String filter = "(&(objectClass=*)("+ldapfilter+"=" + account + "))";
+
+            NamingEnumeration<SearchResult> en = ctx.search("", filter, constraints);
            if (en == null || !en.hasMoreElements()) {
                return "";
            }
@@ -96,6 +102,11 @@ public class LDAPAuthentication {
        try {
            String userDN = getUserDN(account,ctx);

+            if(StringUtils.isEmpty(userDN)){
+                return    valide;
+            }
+
+
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(null);