我无法找到用户所属的角色,我尝试了以下代码并提供了很多属性,但我感兴趣的是用户在某个应用中属于什么角色。
我正在搜索的用户属于以下两个组(userrole 和adminrole)。我如何检索此信息?
DN: cn=userrole,ou=roles,ou=appname,ou=apps,ou=groups,dc=example,dc=no
DN: cn=adminrole,ou=roles,ou=appname,ou=apps,ou=groups,dc=example,dc=no
private final String host = "host.example.com";
private final int port = 389;
private final String bindDn = "uid=appname,ou=systems,dc=example,dc=no";
private final String password = "password";
private final String searchDn = "dc=example,dc=no";
public SearchResultEntry getUserDetails(String username) {
try {
final LDAPConnection connection = new LDAPConnection(host, port,
bindDn, password);
SearchResult searchResults;
searchResults = connection.search(searchDn, SearchScope.SUB,
"(uid=" + username + ")", "+");
if (searchResults.getEntryCount() == 1) {
SearchResultEntry entry = searchResults.getSearchEntries().get(
0);
connection.close();
return entry;
} else {
LOGGER.error("NOT FOUND!");
connection.close();
return null;
}
} catch (LDAPException e) {
LOGGER.error("Exception");
return null;
}
}
最佳答案
使用以下函数。
假设您使用 SUN LDAP(您使用 uid
):
已编辑
private boolean isGroupContainUser(LDAPConnection ldapConnection, String groupDn, String userDn) throws LDAPException {
boolean ret = false;
Entry groupEntry = ldapConnection.getEntry(groupDn);
String[] memberValues = groupEntry.getAttributeValues("uniquemember");
if (memberValues != null) {
DN ldapUserDn = new DN(userDn);
for (String memberEntryDnString : memberValues) {
DN memberEntryDn = new DN(memberEntryDnString);
if (memberEntryDn.equals(ldapUserDn)) {
ret = true;
break;
}
}
}
return ret;
}
关于java - 如何使用 UnboundID LDAP SDK 查找用户在 LDAP 中拥有的所有角色?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17921842/