Feature: server add Ldap user authentication #1392

Pan-YuJie · 2023-07-20T14:18:17Z

Fixes #809

Changes proposed in this pull request:

Hippo4j 接入Ldap指导

在 application.properties 配置文件中 , 配置下面相关信息：

此配置文件示例在同目录下的 ldap-back.properties

# Ldap Config
spring.ldap.urls=ldap://127.0.0.1:389
spring.ldap.base=dc=xxx,dc=com
spring.ldap.embedded.credential.username=cn=xxxx,dc=xxx,dc=com
spring.ldap.embedded.credential.password=password
# Ldap Entry object-class
spring.ldap.object-class=person
# Ldap account-attribute CommonName
spring.ldap.account-attribute=cn

参数解释：

spring.ldap.urls ---> Ldap服务器ip:端口

spring.ldap.base ---> Ldap域名

spring.ldap.embedded.credential.username: ---> login dn

spring.ldap.embedded.credential.password ---> login dn password

spring.ldap.object-class ---> Ldap Entry object-class

spring.ldap.account-attribute ---> Ldap account-attribute (cn / uid / username / ...)

实现细节

通过读取 application.properties 配置 Ldap服务器相关信息

使用 spring-boot-starter-data-ldap 包下的 LdapTemplate 与 Ldap服务器交互

用户发送请求到 Ldap的登录接口 /auth/ldap/login

如果用户是第一次登录成功 , 那么会读取Ldap服务器中的信息，并在数据库中创建一个相同用户名、密码为空、权限为ROLE_USER 的用户 , 并颁发Token进行后续请求

不是第一次登录用户，那么直接走 Ldap 的密码效验步骤，通过后颁发Token

Feature: server add Ldap user authentication

0a3cd3b

magestacks approved these changes Aug 15, 2023

View reviewed changes

magestacks merged commit de703cf into opengoofy:develop Aug 15, 2023
3 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feature: server add Ldap user authentication #1392

Feature: server add Ldap user authentication #1392

Pan-YuJie commented Jul 20, 2023

Feature: server add Ldap user authentication #1392

Feature: server add Ldap user authentication #1392

Conversation

Pan-YuJie commented Jul 20, 2023

Changes proposed in this pull request:

Hippo4j 接入Ldap指导

实现细节