[英]Getting CN entry of an authenticated ldap user
I'm doing my first steps on LDAP with spring boot.我正在使用 spring 引导在 LDAP 上迈出第一步。 I have managed to authenticate my user which is listed in my ldif file:
我已经设法验证了我的 ldif 文件中列出的用户:
dn: dc=parascus,dc=de
objectclass: top
objectclass: domain
objectclass: extensibleObject
dc: parascus
dn: ou=groups,dc=parascus,dc=de
objectclass: top
objectclass: organizationalUnit
ou: groups
dn: ou=people,dc=parascus,dc=de
objectclass: top
objectclass: organizationalUnit
ou: people
dn: uid=jsmith,ou=people,dc=parascus,dc=de
objectclass: top
objectclass: person
objectclass: inetOrgPerson
cn: Smith, John
sn: Smith
uid: jsmith
userPassword: scrambled
dn: cn=developers,ou=groups,dc=parascus,dc=de
objectclass: top
objectclass: groupOfUniqueNames
cn: developers
ou: developer
uniqueMember: uid=jsmith,ou=people,dc=parascus,dc=de
Now I'm in my controller method and try to get the cn property "Smith, John":现在我在我的 controller 方法中并尝试获取 cn 属性“Smith, John”:
@GetMapping("/profile")
public String index(Authentication authentication) {
return "Profile of " + authentication.getName();
}
But I only get the uid "jsmith".但我只得到 uid“jsmith”。 Can somebody give me a hint how I can get all the information or at last the cn entry?
有人可以提示我如何获取所有信息或最后的 cn 条目吗?
Kind Regards亲切的问候
Parascus帕拉斯库斯
You will need to supply a UserDetailsContextMapper
to tell Spring Security how to extract details from the DirContext
.您需要提供一个
UserDetailsContextMapper
来告诉 Spring Security 如何从DirContext
中提取详细信息。
You do this when exposing the LdapAuthenticationProvider
:您在公开
LdapAuthenticationProvider
时执行此操作:
@Bean
LdapAuthenticationProvider ldap(LdapAuthenticator authenticator) {
LdapAuthenticationProvider ldap = new LdapAuthenticationProvider(authenticator);
ldap.setUserDetailsContextMapper(new PersonContextMapper());
return ldap;
}
Spring Security ships with a couple of built-in context mappers, one for the person
schema ( PersonContextMapper
) and another for the inetOrgPerson
schema ( InetOrgPersonContextMapper
). Spring Security 附带了几个内置的上下文映射器,一个用于
person
模式 ( PersonContextMapper
),另一个用于inetOrgPerson
模式 ( InetOrgPersonContextMapper
)。
With the above configuration, you can do either:使用上述配置,您可以执行以下任一操作:
public String index(Authentication authentication) {
Person person = (Person) authentication.getPrincipal();
String[] cn = person.getCn();
return "Profile of " + cn[cn.length - 1];
}
or或者
public String index(@AuthenticationPrincipal Person person) {
String[] cn = person.getCn();
return "Profile of " + cn[cn.length - 1];
}
If your entries use neither the person
nor the inetOrgPerson
schema, you can create your own UserDetailsContextMapper
.如果您的条目既不使用
person
也不使用inetOrgPerson
模式,您可以创建自己的UserDetailsContextMapper
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.