Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
DiDi
kafka-manager
提交
13d8fd55
K
kafka-manager
项目概览
DiDi
/
kafka-manager
大约 1 年 前同步成功
通知
60
Star
6372
Fork
1229
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
K
kafka-manager
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
13d8fd55
编写于
10月 18, 2022
作者:
N
night.liang
提交者:
EricZeng
10月 21, 2022
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
fix ldap bug
上级
41339810
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
54 addition
and
16 deletion
+54
-16
km-common/src/main/java/com/xiaojukeji/know/streaming/km/common/utils/ValidateUtils.java
...ojukeji/know/streaming/km/common/utils/ValidateUtils.java
+14
-1
km-extends/km-account/src/main/java/com/xiaojukeji/know/streaming/km/account/login/ldap/remote/LdapAuthentication.java
...ming/km/account/login/ldap/remote/LdapAuthentication.java
+40
-15
未找到文件。
km-common/src/main/java/com/xiaojukeji/know/streaming/km/common/utils/ValidateUtils.java
浏览文件 @
13d8fd55
...
...
@@ -2,6 +2,7 @@ package com.xiaojukeji.know.streaming.km.common.utils;
import
org.apache.commons.lang.StringUtils
;
import
java.lang.reflect.Array
;
import
java.util.Arrays
;
import
java.util.List
;
import
java.util.Map
;
...
...
@@ -56,6 +57,18 @@ public class ValidateUtils {
return
false
;
}
public
static
<
T
>
boolean
isNotEmpty
(
T
[]
array
)
{
return
!
isEmpty
(
array
);
}
public
static
boolean
isEmpty
(
Object
[]
array
)
{
return
getLength
(
array
)
==
0
;
}
public
static
int
getLength
(
Object
array
)
{
return
array
==
null
?
0
:
Array
.
getLength
(
array
);
}
/**
* 是空字符串
*/
...
...
@@ -65,7 +78,7 @@ public class ValidateUtils {
}
else
if
(
isNull
(
seq1
)
||
isNull
(
seq2
)
||
seq1
.
size
()
!=
seq2
.
size
())
{
return
false
;
}
for
(
Object
elem:
seq1
)
{
for
(
Object
elem
:
seq1
)
{
if
(!
seq2
.
contains
(
elem
))
{
return
false
;
}
...
...
km-extends/km-account/src/main/java/com/xiaojukeji/know/streaming/km/account/login/ldap/remote/LdapAuthentication.java
浏览文件 @
13d8fd55
...
...
@@ -5,6 +5,7 @@ import com.didiglobal.logi.security.exception.LogiSecurityException;
import
com.xiaojukeji.know.streaming.km.account.KmAccountConfig
;
import
com.xiaojukeji.know.streaming.km.account.common.ldap.LdapPrincipal
;
import
com.xiaojukeji.know.streaming.km.account.common.ldap.exception.LdapException
;
import
com.xiaojukeji.know.streaming.km.common.utils.ValidateUtils
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
...
...
@@ -12,6 +13,8 @@ import org.springframework.stereotype.Component;
import
javax.naming.Context
;
import
javax.naming.NamingEnumeration
;
import
javax.naming.directory.Attribute
;
import
javax.naming.directory.Attributes
;
import
javax.naming.directory.SearchControls
;
import
javax.naming.directory.SearchResult
;
import
javax.naming.ldap.InitialLdapContext
;
...
...
@@ -71,7 +74,7 @@ public class LdapAuthentication {
env
.
put
(
Context
.
SECURITY_PRINCIPAL
,
kmAccountConfig
.
getSecurityPrincipal
());
env
.
put
(
Context
.
SECURITY_CREDENTIALS
,
kmAccountConfig
.
getSecurityCredentials
());
try
{
return
new
InitialLdapContext
(
env
,
null
);
return
new
InitialLdapContext
(
env
,
null
);
}
catch
(
Exception
e
)
{
LOGGER
.
error
(
"method=getLdapContext||errMsg=exception"
,
e
);
...
...
@@ -101,18 +104,21 @@ public class LdapAuthentication {
// maybe more than one element
while
(
en
.
hasMoreElements
())
{
Object
obj
=
en
.
nextElement
();
if
(
obj
instanceof
SearchResult
)
{
SearchResult
si
=
(
SearchResult
)
obj
;
SearchResult
obj
=
en
.
nextElement
();
if
(!
ValidateUtils
.
isNull
(
obj
))
{
// 携带LDAP更多元信息以填充用户元信息
LdapPrincipal
ldapPrincipal
=
new
LdapPrincipal
();
ldapPrincipal
.
setUserDN
(
si
.
getName
()
+
","
+
kmAccountConfig
.
getLdapBaseDN
());
ldapPrincipal
.
setSAMAccountName
(
this
.
keyValueSplit
(
si
.
getAttributes
().
get
(
"samaccountname"
).
toString
()));
ldapPrincipal
.
setDepartment
(
this
.
keyValueSplit
(
si
.
getAttributes
().
get
(
"department"
).
toString
()));
ldapPrincipal
.
setCompany
(
this
.
keyValueSplit
(
si
.
getAttributes
().
get
(
"company"
).
toString
()));
ldapPrincipal
.
setDisplayName
(
this
.
keyValueSplit
(
si
.
getAttributes
().
get
(
"displayname"
).
toString
()));
ldapPrincipal
.
setMail
(
this
.
keyValueSplit
(
si
.
getAttributes
().
get
(
"mail"
).
toString
()));
ldapPrincipal
.
setUserDN
(
obj
.
getName
()
+
","
+
kmAccountConfig
.
getLdapBaseDN
());
Attributes
attributes
=
obj
.
getAttributes
();
//校验成功后 在获取值
if
(!
ValidateUtils
.
isNull
(
attributes
))
{
ldapPrincipal
.
setSAMAccountName
(
getStringValueFromAttributes
(
attributes
,
"samaccountname"
));
ldapPrincipal
.
setDepartment
(
getStringValueFromAttributes
(
attributes
,
"department"
));
ldapPrincipal
.
setCompany
(
getStringValueFromAttributes
(
attributes
,
"company"
));
ldapPrincipal
.
setDisplayName
(
getStringValueFromAttributes
(
attributes
,
"displayname"
));
ldapPrincipal
.
setMail
(
getStringValueFromAttributes
(
attributes
,
"mail"
));
}
return
ldapPrincipal
;
}
}
...
...
@@ -126,6 +132,29 @@ public class LdapAuthentication {
}
}
private
String
getStringValueFromAttributes
(
Attributes
attributes
,
String
attrId
)
{
//增加 多重校验
int
two
=
2
;
Attribute
attribute
=
attributes
.
get
(
attrId
);
if
(
ValidateUtils
.
isNull
(
attribute
))
{
return
""
;
}
String
str
=
attribute
.
toString
();
if
(
ValidateUtils
.
isBlank
(
str
))
{
return
""
;
}
//分割字符串
String
[]
split
=
str
.
split
(
":\\s+"
);
if
(
ValidateUtils
.
isNotEmpty
(
split
))
{
if
(
split
.
length
>=
two
)
{
return
split
[
1
];
}
}
return
""
;
}
private
void
closeLdapContext
(
LdapContext
ctx
)
{
if
(
ctx
==
null
)
{
return
;
...
...
@@ -137,8 +166,4 @@ public class LdapAuthentication {
LOGGER
.
error
(
"method=closeLdapContext||errMsg=exception"
,
e
);
}
}
public
String
keyValueSplit
(
String
keyValue
){
return
keyValue
.
split
(
":\\s+"
)[
1
];
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录