堆栈内存溢出
  简体   繁体   English

如何使用Apache Shiro在LDAP中使用sAMAccountName或其他任何参数支持登录?

[英]How to support login using sAMAccountName or any other parameter in LDAP with Apache Shiro?

 原文  2015-07-09 11:32:27       java/ ldap/ shiro

问题描述

I would like to authenticate and authorize the user with sAMAccountName with this Realm File . 我想通过此Realm File使用sAMAccountName对用户进行身份验证和授权。 

final NamingEnumeration<SearchResult> searchResultEnum = ldapCtx.search(searchBase, "objectClass="+groupObjectClass, SUBTREE_SCOPE);

I tried the following things but it didn't work. 我尝试了以下操作,但没有成功。 I am trying to make this parameter (sAMAccountName) as configurable. 我正在尝试将此参数(sAMAccountName)配置为可配置的。 By default its working with UserPrincipalName and name parameters. 默认情况下,它使用UserPrincipalName和name参数。

case #1: 情况1: 

final NamingEnumeration<SearchResult> searchResultEnum = ldapCtx.search(searchBase, "(&(objectClass=*)(sAmAccountName={0}))", SUBTREE_SCOPE);

case #2: 案例2: 

final NamingEnumeration<SearchResult> searchResultEnum = ldapCtx.search(searchBase, "(&(objectClass=Person)(sAmAccountName={0}))", SUBTREE_SCOPE);

Do I need to configure something else also in order to support the login using sAMAccountName Parameter? 我是否还需要配置其他内容以支持使用sAMAccountName参数的登录?

1 个解决方案

解决方案1
 0  2015-07-12 09:46:13

To use samAccountName, you will need to add the domainName. 要使用samAccountName,您将需要添加domainName。 domainName\\samaccountname. domainName \\ samaccountname。

how do I remove this dependency of domain\\ in front of samAccountName? 如何在samAccountName前面删除domain \\的此依赖项? Note: I support multiple domains? 注意:我支持多个域? AFIK, you can not. AFIK,您不能。 How would you know which domain the user is within without specifying the domain 在不指定域的情况下如何知道用户所在的域

I assume that the search base contains (DC=domain, DC=com) ,wouldn't be enough? 我假设搜索库包含(DC = domain,DC = com),这还不够吗? Adding DC=domainName, DC=com should work IF you can "chase" referrals as there will be multiple contexts within the search. 如果您可以“追踪”引荐,那么添加DC = domainName,DC = com应该可以,因为搜索中将有多个上下文。

Usually, depending on your setup, you could use CN=Users, DC=domainName, DC=Com and it would work without referrals. 通常,根据您的设置,您可以使用CN = Users,DC = domainName,DC = Com,它无需引用即可工作。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用Apache Shiro和LDAP身份验证添加角色授权 - How to add role authorization using Apache Shiro with LDAP Authentication 使用sAMAccountName更改LDAP中的密码 - Change password in LDAP using sAMAccountName LDAP:如何使用sAMAccountName对用户进行身份验证? - LDAP: How to authenticate user with sAMAccountName? Apache shiro LDAP多个OU - Apache shiro LDAP multiple OUs 将 Gigya 的登录集成到我的应用程序登录(使用 shiro apache) - Integrating Gigya's login to My application login(using shiro apache) 使用apache shiro登录后如何将用户重定向到他的个人页面 - how to redirect user to his personal page after login using apache shiro 当用户使用 Apache Shiro 和 JSP 重新登录时如何重定向到主页 - How to redirect to main page when user re-login using Apache Shiro and JSP 使用Java列出ldap中的所有sAMAccountName - List all the sAMAccountName from ldap using java Apache Shiro是否支持bCrypt? - Does Apache Shiro support bCrypt? 如何使用apache shiro永久登录 - How to stay logged in permanently using apache shiro
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM