
我是 Java 和 Java EE 的新手。請問登錄成功之後,如何從 Active Directory 檢索用戶信息,例如姓名、公司、電話、部門、郵件等?也就是:如何通過 Spring Security 3.1 和 Active Directory(LDAP)獲取用戶詳細信息

我的web.xml:

<?xml version="1.0" encoding="UTF-8"?> 
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee"  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"> 
<!-- Deployment descriptor: loads two Spring context files, maps the DispatcherServlet to "/",
     and sends every request through the Spring Security filter chain. -->

<!-- Context files read by ContextLoaderListener at startup; the security rules are in
     applicationContext-security.xml. -->
<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value>/WEB-INF/applicationContext.xml 
       /WEB-INF/applicationContext-security.xml 
    </param-value> 
</context-param> 
<listener> 
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
</listener> 
<servlet> 
    <servlet-name>dispatcher</servlet-name> 
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
    <load-on-startup>2</load-on-startup> 
</servlet> 
<servlet-mapping> 
    <servlet-name>dispatcher</servlet-name> 
    <url-pattern>/</url-pattern> 
</servlet-mapping> 
<!-- Session timeout is given in minutes.
     NOTE(review): no <cookie-config> is declared, so the HttpOnly and Secure flags of the
     session cookie are left to the container defaults. Consider declaring
     <cookie-config> with <http-only>true</http-only> and, once the site is served over
     HTTPS, <secure>true</secure>. -->
<session-config> 
    <session-timeout> 
     30 
    </session-timeout> 
</session-config> 
<welcome-file-list> 
    <welcome-file>redirect.jsp</welcome-file> 
</welcome-file-list> 
<!-- The filter name doubles as the bean name that DelegatingFilterProxy looks up, so it has
     to stay "springSecurityFilterChain" (the bean the security namespace registers). -->
<filter> 
<filter-name>springSecurityFilterChain</filter-name> 
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
</filter> 
<!-- Mapped to /* so that no request reaches a servlet or JSP without passing the chain. -->
<filter-mapping> 
<filter-name>springSecurityFilterChain</filter-name> 
<url-pattern>/*</url-pattern> 
</filter-mapping> 
</web-app> 

我的 applicationContext-security.xml:

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns:security="http://www.springframework.org/schema/security" 
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> 

<!-- Authentication is delegated to the Active Directory provider bean defined below. --> 
<security:authentication-manager> 
    <security:authentication-provider ref="ldapActiveDirectoryAuthProvider" /> 
</security:authentication-manager> 

<!-- Project class (not shown on this page) that maps directory groups to application authorities. -->
<beans:bean id="grantedAuthoritiesMapper" class="org.mops.security.ActiveDirectoryGrantedAuthoritiesMapper"/> 

<!-- Active Directory provider: constructor arguments are the AD domain and the LDAP URL.
     The provider authenticates by binding to the directory with the user's own password.
     NOTE(review): the URL uses plain ldap:// on port 389, so that bind travels without
     transport encryption. Prefer an ldaps:// URL, with the domain controller's certificate
     trusted by the JVM, so the password is not readable on the network. -->
<beans:bean id="ldapActiveDirectoryAuthProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider"> 
    <beans:constructor-arg value="xxx.local" /> 
    <beans:constructor-arg value="ldap://xxx.local:389/" /> 
    <beans:property name="authoritiesMapper" ref="grantedAuthoritiesMapper" /> 
    <!-- Keeps the submitted password as the credentials of the resulting token.
         NOTE(review): the authentication manager normally erases credentials after a
         successful login; confirm that erasure has not been switched off. -->
    <beans:property name="useAuthenticationRequestCredentials" value="true" /> 
    <!-- Turns AD sub-error codes (locked, disabled, expired account, ...) into specific exceptions.
         NOTE(review): keep the message shown on the login page generic so that these
         distinctions do not reveal which accounts exist. -->
    <beans:property name="convertSubErrorCodesToExceptions" value="true" /> 
</beans:bean> 

<!-- Form login for the whole application.
     NOTE(review): both intercept-url rules below are commented out, so no URL requires
     authentication. /user/ can be requested without logging in, and the controller then
     sees the anonymous principal instead of a directory user. Re-enable rules for the
     protected paths before relying on this configuration.
     NOTE(review): the login form posts the AD password; serve it over HTTPS only. -->
<security:http auto-config="true" pattern="/**"> 
    <!-- Login pages --> 
    <security:form-login login-page="/" default-target-url="/user/" 
     login-processing-url="/j_spring_security_check" authentication-failure-url="/?error=true" /> 
    <security:logout logout-success-url="/"/> 

    <!-- Security zones --> 
    <!--<security:intercept-url pattern="/it/**" access="ROLE_ADMIN" /> 
    <security:intercept-url pattern="/user/**" access="ROLE_ADMINISTRATION" /> --> 
</security:http> 

我可以正常登錄,也可以在 Controller 中取得用戶名:

UserController.java:

import org.springframework.security.core.context.SecurityContextHolder; 
import org.springframework.security.core.userdetails.UserDetails; 
import org.springframework.stereotype.Controller; 
import org.springframework.ui.Model; 
import org.springframework.web.bind.annotation.RequestMapping; 


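/**
 * Shows the name of the currently authenticated user on the "user" view.
 *
 * <p>The controller keeps no per-request state. Spring creates a single controller
 * instance and shares it between all requests, so a user name stored in an instance
 * field could be overwritten by a concurrent request and shown to the wrong user.
 */
@Controller
public class UserController {

    /**
     * Reads the principal of the current security context and exposes its name to the view.
     *
     * @param model model of the "user" view; receives the user name under the key "message"
     * @return the logical view name "user"
     */
    @RequestMapping("/user")
    public String User(Model model) {
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();

        // Local variable on purpose: the value belongs to this request only.
        String username;
        if (principal instanceof UserDetails) {
            username = ((UserDetails) principal).getUsername();
        } else {
            // Not a UserDetails (for example an anonymous request): fall back to toString().
            username = principal.toString();
        }

        // NOTE(review): the view is not shown on this page; make sure it escapes this
        // value when rendering, since it originates from the directory.
        model.addAttribute("message", username);

        return "user";
    }
}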

現在我想創建一個類來存儲所有的用戶信息,並且在創建該類的實例時需要用到這些用戶詳細信息。

任何人都可以告訴我一步一步如何做到這一點?


如果你只需要 principal,可以直接把 `Principal principal` 作爲處理程序方法的參數之一,Spring 會爲您填充它。請參閱以下文檔中標題爲「支持的處理程序方法參數和返回類型」的部分:http://docs.spring.io/spring/docs/3.0.x/reference/mvc.html – CodeChimp


好的,但是我怎樣才能取得部門、人員等信息? – NorrPL


您需要將 principal 轉型(cast)爲您期望的具體類型,否則無法訪問該對象上的屬性。 – CodeChimp

回答


兩週後,我找到了解決辦法。

在 spring-security.xml 文件中:

<!-- Same Active Directory provider as in the question, plus a userDetailsContextMapper.
     With InetOrgPersonContextMapper the authenticated principal is an InetOrgPerson, which
     carries directory attributes such as mail, telephone number, department number and
     room number.
     NOTE(review): the URL still uses plain ldap:// on port 389, so the user's password is
     sent to the directory without transport encryption; prefer an ldaps:// URL with the
     domain controller's certificate trusted by the JVM. -->
<beans:bean id="ldapActiveDirectoryAuthProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider" > 
    <beans:constructor-arg value="xxx.yyy" /> 
    <beans:constructor-arg value="ldap://zzz.xxx.yyy:389/" /> 
    <beans:property name="authoritiesMapper" ref="grantedAuthoritiesMapper" /> 
    <beans:property name="useAuthenticationRequestCredentials" value="true" /> 
    <beans:property name="convertSubErrorCodesToExceptions" value="true" /> 
    <!-- Builds the principal object from the user's directory entry after a successful bind. -->
    <beans:property name="userDetailsContextMapper"> 
    <beans:bean class="org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper" /> 
</beans:property> 
</beans:bean> 

然後在控制器中,我們將 principal 轉型爲 InetOrgPerson:

import javax.naming.NamingException; 
import org.springframework.security.core.context.SecurityContextHolder; 
import org.springframework.security.core.userdetails.UserDetails; 
import org.springframework.stereotype.Controller; 
import org.springframework.ui.Model; 
import org.springframework.web.bind.annotation.RequestMapping; 
import org.springframework.web.bind.annotation.RequestMethod; 
import org.springframework.security.ldap.userdetails.InetOrgPerson; 


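/**
 * Shows the name and room number of the currently authenticated user on the "user" view.
 *
 * <p>Directory attributes are only available when the authentication provider is
 * configured with {@code InetOrgPersonContextMapper}, which makes the principal an
 * {@link InetOrgPerson}.
 *
 * <p>The controller keeps no per-request state. Spring creates a single controller
 * instance and shares it between all requests, so a user name stored in an instance
 * field could be overwritten by a concurrent request and shown to the wrong user.
 */
@Controller
public class UserController {

    /**
     * Reads the principal of the current security context and exposes its details to the view.
     *
     * @param model model of the "user" view; receives "username" and, for directory
     *              users, "roomNumber"
     * @return the logical view name "user"
     * @throws NamingException kept from the original signature; nothing in this method
     *                         throws it
     */
    @RequestMapping(value = "/user", method = RequestMethod.GET)
    public String User(Model model) throws NamingException {
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();

        // Local variable on purpose: the value belongs to this request only.
        String username;
        if (principal instanceof UserDetails) {
            username = ((UserDetails) principal).getUsername();
        } else {
            // Not a UserDetails (for example an anonymous request): fall back to toString().
            username = principal.toString();
        }
        model.addAttribute("username", username);

        // Cast only after checking the type: a principal that did not come from the
        // InetOrgPerson mapper would otherwise fail the request with a ClassCastException.
        if (principal instanceof InetOrgPerson) {
            model.addAttribute("roomNumber", ((InetOrgPerson) principal).getRoomNumber());
        }

        // NOTE(review): the view is not shown on this page; make sure it escapes these
        // values when rendering, since they originate from the directory.
        return "user";
    }
}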