com.frameworkset.platform.ldap.LdapManager Maven / Gradle / Ivy
bboss public development platform based on bboss.
/* 功能: ldap服务器数据操作接口
* @author wanghh
*/
package com.frameworkset.platform.ldap;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
public class LdapManager implements LdapDao {
// Internal state; every field below is assigned in init().
// Bind DN, passed to JNDI as Context.SECURITY_PRINCIPAL.
private String userid = "";
// Directory address, passed to JNDI as Context.PROVIDER_URL.
private String url = "";
// Base DN suffix appended to every entry name and search base built in this class.
private String pathbase = ""; //
// Bind password, passed to JNDI as Context.SECURITY_CREDENTIALS.
// NOTE(review): kept as a String field for the lifetime of the object.
private String psw = "";
// Directory context; stays null if init() fails before creating it.
private DirContext ctx = null;
// Converts between beans and JNDI attribute sets (BeanToAttrs / AttrsToBean).
private LdapDatatrans ldapDatatrans;
/**
 * Creates the manager and tries to connect to the directory by calling
 * {@code init()}.
 *
 * <p>A failure in {@code init()} is printed to the console and not rethrown.
 */
public LdapManager() {
    try {
        init();
    } catch (Exception initFailure) {
        // NOTE(review): the failure is swallowed here, so the object is still
        // handed to the caller with ctx == null; the first directory operation
        // then fails with a NullPointerException far from the real cause.
        // The stack trace goes to stderr and the message to stdout; neither is
        // routed through a logger.
        initFailure.printStackTrace();
        System.out.println("取初始化文件出错!");
    }
}
//取初始化参数 从配置文件里读信息
/**
 * Sets the connection parameters, binds to the directory and creates the
 * bean/attribute converter.
 *
 * @throws Exception if the initial directory context cannot be created
 */
private void init() throws Exception {
    // The configuration lookups below are disabled in this version; the
    // values are compiled in instead.
    // this.pathbase = PropertiesReader.read("jdbc","Ldap.pathbase"); // root of the tree
    // this.url = PropertiesReader.read("jdbc","Ldap.url"); // connection string
    // this.userid = PropertiesReader.read("jdbc","Ldap.userid"); // directory manager account
    // this.psw = PropertiesReader.read("jdbc","Ldap.psw"); // password
    //
    // NOTE(review): the bind DN and password are literals in the source, so
    // they ship inside the published artifact and cannot be rotated without a
    // rebuild. "cn=root" looks like the directory administrator account -
    // confirm, and bind with a least-privilege service account whose
    // credentials come from protected configuration.
    this.pathbase = "dc=yourco,dc=com";
    this.url = "172.16.168.10";
    this.userid = "cn=root";
    this.psw = "root";

    Hashtable<String, Object> jndiEnv = new Hashtable<String, Object>(5, 0.75f);
    jndiEnv.put(Context.INITIAL_CONTEXT_FACTORY, Env.INITCTX);
    // Host (and port) of the directory service.
    // NOTE(review): the value carries no scheme. Env.INITCTX and
    // Env.MY_AUTHENTICATION are not visible here; if they select the LDAP
    // provider with simple authentication, the password is sent in clear
    // unless the connection uses ldaps:// or StartTLS - verify.
    jndiEnv.put(Context.PROVIDER_URL, this.url);
    jndiEnv.put(Context.SECURITY_AUTHENTICATION, Env.MY_AUTHENTICATION);
    // Bind account and its password.
    jndiEnv.put(Context.SECURITY_PRINCIPAL, this.userid);
    jndiEnv.put(Context.SECURITY_CREDENTIALS, this.psw);

    ctx = new InitialDirContext(jndiEnv);
    ldapDatatrans = new LdapDatatrans();
}
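/**
 * Manual connectivity check: binds to the directory with the compiled-in
 * settings and runs one subtree search for {@code uid=wpsadmin} under
 * {@code cn=users,<pathbase>}. The search result is not inspected.
 *
 * <p>The enumeration and the context are now closed before returning; the
 * original left both open.
 *
 * @param args unused
 * @throws NamingException if the bind or the search fails
 */
public static void main(String[] args) throws NamingException {
    // NOTE(review): same literal bind DN and password as init(); they are
    // readable by anyone who has the artifact. Take them from protected
    // configuration rather than from source.
    String pathbase = "dc=yourco,dc=com";
    String url = "172.16.168.10";
    String userid = "cn=root";
    String spsw = "root";

    Hashtable<String, Object> env = new Hashtable<String, Object>(5, 0.75f);
    env.put(Context.INITIAL_CONTEXT_FACTORY, Env.INITCTX);
    // Host (and port) of the directory service.
    env.put(Context.PROVIDER_URL, url);
    env.put(Context.SECURITY_AUTHENTICATION, Env.MY_AUTHENTICATION);
    // Bind account and its password.
    env.put(Context.SECURITY_PRINCIPAL, userid);
    env.put(Context.SECURITY_CREDENTIALS, spsw);

    DirContext ctx = new InitialDirContext(env);
    try {
        // Search the whole subtree below the base entry.
        SearchControls constraints = new SearchControls();
        constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration results =
                ctx.search("cn=users," + pathbase, "uid=wpsadmin", constraints);
        if (results != null) {
            results.close();
        }
    } finally {
        // Release the connection even when the search throws.
        ctx.close();
    }
}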
//插入一个用户帐户 如果字段是日期型的 必须转换成String型 其格式约定为: yyyy-mm-dd hh24:mi:ss(日期和时间有空格)
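/**
 * Creates the account entry {@code uid=<uid>,ou=authuser,<pathbase>} from the
 * given bean.
 *
 * <p>Per the original author's note, date-typed fields must already be
 * converted to strings of the form {@code yyyy-mm-dd hh24:mi:ss} (a space
 * between date and time).
 *
 * <p>The entry name is assembled from parsed components, not by string
 * concatenation. A uid containing DN metacharacters (comma, plus, equals,
 * quotes, backslash, ...) is therefore escaped and stays a single RDN value;
 * it cannot move the new entry to another branch. Pass the raw, unescaped
 * uid. A null or empty uid is rejected when the RDN is built, where the
 * original would have created an entry literally named {@code uid=null}.
 *
 * @param authUser bean holding the account attributes; its uid names the entry
 * @throws Exception if the name is invalid or the directory rejects the entry
 */
public void insertUser(AuthUser authUser) throws Exception {
    // The converter supplies the attribute set; the original allocated a
    // throw-away BasicAttributes first.
    BasicAttributes attrs = ldapDatatrans.BeanToAttrs(authUser);

    // objectclass and uid are mandatory for a user entry; objectclass is
    // multi-valued and "authuser" is the custom class of this schema.
    BasicAttribute objclassSet = new BasicAttribute("objectclass");
    objclassSet.add("top");
    objclassSet.add("authuser");
    attrs.put(objclassSet);

    // LdapName.add appends the most specific (leftmost) RDN. Passing a Name
    // instead of a String also keeps JNDI from treating '/' in the uid as a
    // composite-name separator.
    LdapName dn = new LdapName("ou=authuser," + this.pathbase);
    dn.add(new Rdn("uid", authUser.getUid()));
    ctx.createSubcontext(dn, attrs);
}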
//删除一个用户帐户
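/**
 * Deletes the account entry {@code uid=<id>,ou=authuser,<pathbase>}.
 *
 * <p>The entry name is assembled from parsed components, not by string
 * concatenation, so an id containing DN metacharacters is escaped and always
 * names an entry directly under {@code ou=authuser}. With concatenation, a
 * crafted id could make this delete address a different entry. Pass the raw,
 * unescaped uid.
 *
 * @param id uid of the account to delete; must be non-null and non-empty
 * @throws IllegalArgumentException if {@code id} is null or empty
 * @throws Exception if the name is invalid or the directory refuses the delete
 */
public void deleteUser(String id) throws Exception {
    // The original would have targeted "uid=null" or "uid=" here.
    if (id == null || id.length() == 0) {
        throw new IllegalArgumentException("id must not be null or empty");
    }
    // LdapName.add appends the most specific (leftmost) RDN; the Rdn
    // constructor takes the unescaped value and escapes it itself.
    LdapName dn = new LdapName("ou=authuser," + this.pathbase);
    dn.add(new Rdn("uid", id));
    ctx.destroySubcontext(dn);
    System.out.println("用户号为" + id + "的用户删除成功!");
}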
//以用户id号查询一个用户信息 返回一个ARRAYLIST 其容纳对象为 UserAccount 类型
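/**
 * Finds the account entries whose {@code uid} equals {@code id}, searching
 * the subtree below {@code ou=authuser,<pathbase>}.
 *
 * <p>The id is handed to JNDI as a filter argument, not concatenated into the
 * filter string. The provider escapes filter metacharacters (asterisk,
 * parentheses, backslash, NUL), so the value is matched literally and cannot
 * widen or rewrite the query. Callers that relied on a wildcard in
 * {@code id} will now get an exact match only.
 *
 * @param id uid value to match
 * @return list of {@code AuthUser} beans, one per matching entry; empty when
 *         nothing matches
 * @throws Exception if the search or the attribute conversion fails
 */
public ArrayList searchUser(String id) throws Exception {
    ArrayList list = new ArrayList();

    // Search the whole subtree below the base entry.
    SearchControls constraints = new SearchControls();
    constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);

    // String.valueOf keeps the original treatment of a null id (the text "null").
    NamingEnumeration results = ctx.search(
            "ou=authuser," + this.pathbase,
            "(uid={0})",
            new Object[] {String.valueOf(id)},
            constraints);
    if (results == null) {
        return list;
    }
    try {
        // Convert every returned entry into an AuthUser bean.
        while (results.hasMore()) {
            SearchResult si = (SearchResult) results.next();
            AuthUser authUser = new AuthUser();
            Attributes attrs = si.getAttributes();
            ldapDatatrans.AttrsToBean(attrs, authUser);
            list.add(authUser);
        }
    } finally {
        // Release the server-side search handle even when conversion fails.
        results.close();
    }
    return list;
}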
/*功能: 以过滤条件 检索多条记录 结果存为UserAccount类型的列表
* 过滤条件如: (id=abc)
* 与 (&(id=abc)(username<=abc)(psw>=abc))
* 或 (|(id=abc)(username=abc)(psw=abc))
* 非 (!(id0)
userid = ((AuthUser)(list.get(0))).getUid();
if(userid==null) userid="";
//"id=" + id + this.pathbase构成了树型目录里面唯一标志(usrs时自定义的)
ctx.destroySubcontext("personid=" + id +",ou=authperson," +this.pathbase);
//删除此人员对应的帐号信息
if(!(userid.equals(""))){
deleteUser(userid);
}
//删除人员对应的角色
// xmlRole.deleteRole(id);
}
//根据机构id(orgID)删除这个机构下的所有人员
public void deletePersonByOrgID(String orgID) throws Exception {
// XmlRoleManager xmlRole = new XmlRoleManager();
//删除机构对应的角色
//xmlRole.deleteRole(orgID);
//查出所有的personid
ArrayList personList = new ArrayList();
personList = searchPersonByFilter("(organid="+orgID+")");
for(int i=0; i=abc))
* 或 (|(id=abc)(username=abc)(psw=abc))
* 非 (!(id,20050926000000031060<>,20051009000000031158<>,
* @return 返回一个ARRAYLIST 其所含对象类型为AuthRole
*/
public ArrayList searchChildAuthGroup(String strAuthGroupID) throws Exception {
ArrayList list = new ArrayList();
//设置查询范围的权限 此处为入口以下的子树
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
//首先取得有那些角色id信息
String[] parentIDList = strAuthGroupID.split("<>,"); //取得父角色id数组
//对构造的数组进行排序
ArrayList sortedList = new ArrayList();
for(int i=0; i,";
}
}
}
String[] strAllID = roleIds.split("<>,");
for(int j=0; j0){
list.add((AuthRole)tempList.get(0));
}
}
return list;
}
/**
* 删除一个的角色
* @param id: 角色id
* @return Role对象
*/
public void deleteAuthGroup(String id) throws Exception {
String parentId = "";
//取得要删除节点的parentid
ArrayList lsTemp = new ArrayList();
lsTemp = this.searchAuthGroup(id);
if((lsTemp!=null)&&(lsTemp.size()>0)){
parentId = ((AuthRole)lsTemp.get(0)).getRolesireid();
}
else
{
System.out.println("没有这个角色信息:"+id);
return;
}
//修改所有以此为父节点的记录为根节点的子角色
ArrayList lsAuth = new ArrayList();
lsAuth = this.searchAuthGroupByFilter("(rolesireid="+id+")");
for(int i=0; i," 分隔 如: 90000000000000000000<>,20050808000000025348<>,
String uid; //帐号id
String roleString = "";
uid = ((AuthUser)list.get(i)).getUid();
roleString = ((AuthUser)list.get(i)).getRoleid();
//判断是否有这个角色
if(roleString.indexOf(id+"<>,",0) >= 0){
roleString = roleString.replaceAll(id+"<>,","");
ArrayList atts = new ArrayList();
atts.add(new AttrBean("roleid",roleString));
this.updateUser(uid,atts);
}
}
//删除xml文件里面的角色信息
//XmlRoleManager roleManager = new XmlRoleManager();
//roleManager.deleteRole(id);
System.out.println("角色号为"+ id + "的角色删除成功!");
}
/*功能: 以过滤条件 检索多条记录 结果存为AuthRole类型的列表
* 过滤条件如: (id=abc)
* 与 (&(id=abc)(username<=abc)(psw>=abc))
* 或 (|(id=abc)(username=abc)(psw=abc))
* 非 (!(id