diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index 8506966d6..168fa2cd7 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -69,6 +69,12 @@ spring:
restart:
# 热部署开关
enabled: true
+ #ldap
+ ldap:
+ urls: ldap://192.168.2.10:389
+ base: OU=bp,DC=bpsemi,DC=com
+ username: administrator@bpsemi.com
+ password: Bps@2831!
# MyBatis
mybatis:
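Review bot: The added `spring.ldap` block commits the bind password in plaintext for what looks like a domain administrator account (`username: administrator@bpsemi.com`). Anyone with read access to the repository or a built artifact then holds that credential, and it stays in history after the line is removed. Supply it from outside the file, e.g. `password: ${LDAP_BIND_PASSWORD}` (placeholder name), rotate the exposed value, and bind with a read-only service account limited to searching the `base` OU. The `ldap://` URL on port 389 is unencrypted, so the bind password and every user password checked through a simple bind would cross the network in cleartext unless StartTLS is configured elsewhere; `ldaps://` is preferable.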
diff --git a/ruoyi-framework/pom.xml b/ruoyi-framework/pom.xml
index b83b385ae..4541aa3b1 100644
--- a/ruoyi-framework/pom.xml
+++ b/ruoyi-framework/pom.xml
@@ -77,6 +77,12 @@
ruoyi-system
+
+
+ org.springframework.boot
+ spring-boot-starter-data-ldap
+
+
\ No newline at end of file
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysPasswordService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysPasswordService.java
index 7eff195fa..d745b1603 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysPasswordService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysPasswordService.java
@@ -7,6 +7,8 @@ import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.stereotype.Component;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.constant.ShiroConstants;
@@ -28,6 +30,9 @@ public class SysPasswordService
@Autowired
private CacheManager cacheManager;
+ @Autowired
+ private LdapTemplate ldapTemplate;
+
private Cache loginRecordCache;
@Value(value = "${user.password.maxRetryCount}")
@@ -70,7 +75,14 @@ public class SysPasswordService
public boolean matches(SysUser user, String newPassword)
{
- return user.getPassword().equals(encryptPassword(user.getLoginName(), newPassword, user.getSalt()));
+ //增加LDAP认证,如果LDAP认证不通过,则验证本地用户名密码 --yangbo 2021/7/7
+ EqualsFilter filter = new EqualsFilter("sAMAccountName", user.getLoginName());
+ Boolean result = ldapTemplate.authenticate("", filter.toString(), newPassword);
+ if(!result)
+ {
+ return user.getPassword().equals(encryptPassword(user.getLoginName(), newPassword, user.getSalt()));
+ }
+ return result;
}
public void clearLoginRecordCache(String loginName)
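Review bot: `matches` passes `newPassword` to `ldapTemplate.authenticate` without rejecting an empty value, and a directory may treat a simple bind with an empty password as a successful unauthenticated bind (Active Directory has historically allowed this; the `sAMAccountName` filter suggests AD). Unless a caller outside this hunk already rejects blank passwords, that would return true for any directory account. The search step inside `authenticate` can also throw when the server is unreachable or the filter matches more than one entry, which would bypass the local fallback the comment promises and fail every login. `Boolean result` is auto-unboxed in `if(!result)`, so a primitive `boolean` or a direct `if` on the call is enough. The fence shows the guard and the exception handling, with the local check as the final return.

```java
public boolean matches(SysUser user, String newPassword)
{
    // Never send an empty password to the directory: it can turn the bind into an unauthenticated one.
    if (newPassword != null && !newPassword.isEmpty())
    {
        try
        {
            EqualsFilter filter = new EqualsFilter("sAMAccountName", user.getLoginName());
            if (ldapTemplate.authenticate("", filter.toString(), newPassword))
            {
                return true;
            }
        }
        catch (RuntimeException e)
        {
            // Directory unreachable or ambiguous match: log e with the class's logger,
            // then fall through to the local check.
        }
    }
    // … unchanged: local comparison against encryptPassword(...) as the final return …
```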