增加LDAP认证,如果LDAP认证不通过,则验证本地用户名密码(用户与OA同步待增加)
This commit is contained in:
bo.yang@bpsemi.com
parent
07d9c2641d
commit
acd5aed95b
|
|
@ -69,6 +69,12 @@ spring:
|
||||||
restart:
|
restart:
|
||||||
# 热部署开关
|
# 热部署开关
|
||||||
enabled: true
|
enabled: true
|
||||||
|
#ldap
|
||||||
|
ldap:
|
||||||
|
urls: ldap://192.168.2.10:389
|
||||||
|
base: OU=bp,DC=bpsemi,DC=com
|
||||||
|
username: administrator@bpsemi.com
|
||||||
|
password: Bps@2831!
|
||||||
|
|
||||||
# MyBatis
|
# MyBatis
|
||||||
mybatis:
|
mybatis:
|
||||||
|
|
|
||||||
|
|
@ -77,6 +77,12 @@
|
||||||
<artifactId>ruoyi-system</artifactId>
|
<artifactId>ruoyi-system</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<!--ldap-->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-data-ldap</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
</dependencies>
|
</dependencies>
|
||||||
|
|
||||||
</project>
|
</project>
|
||||||
|
|
@ -7,6 +7,8 @@ import org.apache.shiro.cache.CacheManager;
|
||||||
import org.apache.shiro.crypto.hash.Md5Hash;
|
import org.apache.shiro.crypto.hash.Md5Hash;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
|
import org.springframework.ldap.core.LdapTemplate;
|
||||||
|
import org.springframework.ldap.filter.EqualsFilter;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
import com.ruoyi.common.constant.Constants;
|
import com.ruoyi.common.constant.Constants;
|
||||||
import com.ruoyi.common.constant.ShiroConstants;
|
import com.ruoyi.common.constant.ShiroConstants;
|
||||||
|
|
@ -28,6 +30,9 @@ public class SysPasswordService
|
||||||
@Autowired
|
@Autowired
|
||||||
private CacheManager cacheManager;
|
private CacheManager cacheManager;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private LdapTemplate ldapTemplate;
|
||||||
|
|
||||||
private Cache<String, AtomicInteger> loginRecordCache;
|
private Cache<String, AtomicInteger> loginRecordCache;
|
||||||
|
|
||||||
@Value(value = "${user.password.maxRetryCount}")
|
@Value(value = "${user.password.maxRetryCount}")
|
||||||
|
|
@ -70,7 +75,14 @@ public class SysPasswordService
|
||||||
|
|
||||||
public boolean matches(SysUser user, String newPassword)
|
public boolean matches(SysUser user, String newPassword)
|
||||||
{
|
{
|
||||||
return user.getPassword().equals(encryptPassword(user.getLoginName(), newPassword, user.getSalt()));
|
//增加LDAP认证,如果LDAP认证不通过,则验证本地用户名密码 --yangbo 2021/7/7
|
||||||
|
EqualsFilter filter = new EqualsFilter("sAMAccountName", user.getLoginName());
|
||||||
|
Boolean result = ldapTemplate.authenticate("", filter.toString(), newPassword);
|
||||||
|
if(!result)
|
||||||
|
{
|
||||||
|
return user.getPassword().equals(encryptPassword(user.getLoginName(), newPassword, user.getSalt()));
|
||||||
|
}
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void clearLoginRecordCache(String loginName)
|
public void clearLoginRecordCache(String loginName)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue