2

私はJavaとJava EEが初めてです。ログインに成功した後、フルネーム、会社、電話、部署、メールなどのユーザーの詳細を Active Directory から取得する方法を教えてください。

私のweb.xml:

    <?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee"     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/applicationContext.xml
                 /WEB-INF/applicationContext-security.xml
    </param-value>
</context-param>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
    <servlet-name>dispatcher</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>
<session-config>
    <session-timeout>
        30
    </session-timeout>
</session-config>
<welcome-file-list>
    <welcome-file>redirect.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>  
</web-app>

私のapplictionContextsecurity.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:security="http://www.springframework.org/schema/security"
 xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<!-- LDAP server details --> 
<security:authentication-manager>
    <security:authentication-provider ref="ldapActiveDirectoryAuthProvider" />
</security:authentication-manager>

<beans:bean id="grantedAuthoritiesMapper" class="org.mops.security.ActiveDirectoryGrantedAuthoritiesMapper"/>

<beans:bean id="ldapActiveDirectoryAuthProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
    <beans:constructor-arg value="xxx.local" />
    <beans:constructor-arg value="ldap://xxx.local:389/" /> 
    <beans:property name="authoritiesMapper" ref="grantedAuthoritiesMapper" />
    <beans:property name="useAuthenticationRequestCredentials" value="true" />
    <beans:property name="convertSubErrorCodesToExceptions" value="true" />
</beans:bean>

<security:http auto-config="true" pattern="/**">
    <!-- Login pages -->
    <security:form-login login-page="/" default-target-url="/user/" 
        login-processing-url="/j_spring_security_check" authentication-failure-url="/?error=true" />
    <security:logout logout-success-url="/"/>

    <!-- Security zones -->
    <!--<security:intercept-url pattern="/it/**" access="ROLE_ADMIN" />
    <security:intercept-url pattern="/user/**" access="ROLE_ADMINISTRATION" /> -->
</security:http>

適切にログインできます。コントローラーでユーザー名を取得できます。

ユーザーコントローラー.java:

import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;


@Controller
public class UserController{
private String username;
@RequestMapping("/user")
public String User(Model model) {

    Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();

    if (principal instanceof UserDetails) {
      this.username = ((UserDetails)principal).getUsername();
    } else {
      this.username = principal.toString();
    }
    model.addAttribute("message", username);

    return "user";
 }


}

そして今、すべてのユーザーの詳細を格納するクラスを作成し、ユーザーの詳細を使用する必要があるときにこのクラスのインスタンスを作成することを考えています。

誰でもこれを行う方法を段階的に教えてもらえますか?

4

1 に答える 1

4

2週間後、私は解決策を見つけました。

pring-security.xml 内:

<beans:bean id="ldapActiveDirectoryAuthProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider" >
    <beans:constructor-arg value="xxx.yyy" />
    <beans:constructor-arg value="ldap://zzz.xxx.yyy:389/" /> 
    <beans:property name="authoritiesMapper" ref="grantedAuthoritiesMapper" />
    <beans:property name="useAuthenticationRequestCredentials" value="true" />
    <beans:property name="convertSubErrorCodesToExceptions" value="true" />
    <beans:property name="userDetailsContextMapper">
    <beans:bean class="org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper" />
</beans:property>
</beans:bean>

コントローラーでは、プリンシパルを InetOrgPerson にキャストします。

import javax.naming.NamingException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.security.ldap.userdetails.InetOrgPerson;


@Controller
public class UserController  {
private String username;


@RequestMapping(value="/user", method = RequestMethod.GET)
public String User(Model model) throws NamingException {
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();


    if (principal instanceof UserDetails) {
      this.username = ((UserDetails)principal).getUsername();

    } else {
      this.username = principal.toString();

    }
        model.addAttribute("username", username);        
        model.addAttribute("roomNumber", ((InetOrgPerson) principal).getRoomNumber());
    return "user";
}

}
于 2013-11-06T13:13:12.577 に答える