支持ldap统一认证

@@ -139,6 +139,25 @@ public class UserAuthLocal {
         return usermap.get(name);
         return usermap.get(name);
     }
     }
 
 
+    /**
+     * 获取用户
+     *
+     * @param name
+     * @return
+     */
+    public User getUserByLdapName(String name) {
+        if (usermap.isEmpty()) {//改用延时加载
+            init();
+        }
+        for(String key:usermap.keySet()){
+            User u=usermap.get(key);
+            if(name.equals(u.getLadpName())){
+                return  u;
+            }
+        }
+        return null;
+    }
+
     public AuthModule getAuthModuleByname(String name) {
     public AuthModule getAuthModuleByname(String name) {
         if (modulemap.isEmpty()) {//改用延时加载
         if (modulemap.isEmpty()) {//改用延时加载
             init();
             init();

@@ -102,6 +102,7 @@ public class HttpUriContants {
     public static final String USER_UPDATE = "/user/update";
     public static final String USER_UPDATE = "/user/update";
     public static final String USER_DELETE_NAME = "/user/deleteByName";
     public static final String USER_DELETE_NAME = "/user/deleteByName";
     public static final String USER_OPERATE = "/user/operate";
     public static final String USER_OPERATE = "/user/operate";
+    public static final String USER_LDAP_FLAG = "/user/getLdapFlag";
 
 
     public static final String APP_ADD_SEESION = "/user/appAddSession";
     public static final String APP_ADD_SEESION = "/user/appAddSession";
     public static final String APP_GET_SEESION = "/user/appGetSession";
     public static final String APP_GET_SEESION = "/user/appGetSession";

@@ -47,4 +47,6 @@ public class User {
     private String modules;
     private String modules;
 
 
     private String loginTargetUrl;
     private String loginTargetUrl;
+
+    private String ladpName;
 }
 }

@@ -32,5 +32,11 @@
             <version>1.0-rc2</version>
             <version>1.0-rc2</version>
         </dependency>
         </dependency>
 
 
+        <dependency>
+            <groupId>org.springframework.ldap</groupId>
+            <artifactId>spring-ldap-core</artifactId>
+            <version>2.0.2.RELEASE</version>
+        </dependency>
+
     </dependencies>
     </dependencies>
 </project>
 </project>

@@ -5,6 +5,7 @@ import com.ui.User.MD5Util;
 import com.ui.User.UserAuthLocal;
 import com.ui.User.UserAuthLocal;
 import com.ui.contants.HttpUriContants;
 import com.ui.contants.HttpUriContants;
 import com.ui.http.HttpRestClient;
 import com.ui.http.HttpRestClient;
+import com.ui.ldaputil.LdapAuthUtil;
 import com.ui.model.BaseResponse;
 import com.ui.model.BaseResponse;
 import com.ui.model.req.AuthModule;
 import com.ui.model.req.AuthModule;
 import com.ui.model.req.User;
 import com.ui.model.req.User;
@@ -39,6 +40,9 @@ public class UserCtrl {
     @Autowired
     @Autowired
     UserAuthLocal userAuthLocal;
     UserAuthLocal userAuthLocal;
 
 
+    @Autowired
+    private LdapAuthUtil ldapAuthenticate;
+
     @RequestMapping("/toLogin")
     @RequestMapping("/toLogin")
     public ModelAndView toLogin(String loginTargetUrl, Model model) {
     public ModelAndView toLogin(String loginTargetUrl, Model model) {
         if(StringUtils.isNotBlank(loginTargetUrl)){
         if(StringUtils.isNotBlank(loginTargetUrl)){
@@ -63,27 +67,60 @@ public class UserCtrl {
 
 
         }
         }
 
 
-        User u = userAuthLocal.getUserByname(user.getName());
-        if (u == null) {
-            model.addAttribute("message", "用户名不存在");
-            return new ModelAndView("user/login");
+        boolean ldapFlag=false;
+        BaseResponse ldapFlagResp=httpRestClient.defaultGet(HttpUriContants.USER_LDAP_FLAG,BaseResponse.class);
+        if(ldapFlagResp!=null&&ldapFlagResp.getCode()==200&&ldapFlagResp.getData()!=null&&"1".equals(String.valueOf(ldapFlagResp.getData()))){
+            ldapFlag=true;
         }
         }
-        if (u.getPwd().equals(MD5Util.encryption(user.getPwd()))) {
-            session.setAttribute("user", u);
-            if(StringUtils.isBlank(user.getLoginTargetUrl())){
-            	return new ModelAndView("dashBoard/dashBoard");
-            }else{
-            	try {
-            		//直接跳转到初始的请求页面
-					response.sendRedirect(user.getLoginTargetUrl());
-				} catch (IOException e) {
-					return new ModelAndView("dashBoard/dashBoard");
-				}
-            	return null;
+
+        User u =null;
+        if(ldapFlag){
+            //走ldap统一认证接口
+            //认证
+            //认证不通过，提示
+            if(!ldapAuthenticate.login(user.getName(),user.getPwd())){
+                model.addAttribute("message", "请使用你的OA账户登陆,登录名或者密码错误");
+                return new ModelAndView("user/login");
             }
             }
-        } else {
-            model.addAttribute("message", "密码错误");
-            return new ModelAndView("user/login");
+
+            //认证通过
+            u = userAuthLocal.getUserByLdapName(user.getName());
+
+            if (u == null) {
+                //创建默认的用户
+                model.addAttribute("message", "用户名不存在,如有需要请联系管理员添加用户");
+                return new ModelAndView("user/login");
+            }
+
+
+        }else{
+            u = userAuthLocal.getUserByname(user.getName());
+
+            if (u == null) {
+                model.addAttribute("message", "用户名不存在,如有需要请联系管理员添加用户");
+                return new ModelAndView("user/login");
+            }
+
+            if (!u.getPwd().equals(MD5Util.encryption(user.getPwd()))) {
+                model.addAttribute("message", "密码错误");
+                return new ModelAndView("user/login");
+            }
+
+        }
+
+        //用户放到session
+        session.setAttribute("user", u);
+
+        if(StringUtils.isBlank(user.getLoginTargetUrl())){
+            return new ModelAndView("dashBoard/dashBoard");
+        }else{
+            try {
+                //直接跳转到初始的请求页面
+                response.sendRedirect(user.getLoginTargetUrl());
+            } catch (IOException e) {
+                return new ModelAndView("dashBoard/dashBoard");
+            }
+            return null;
         }
         }
 
 
     }
     }

+package com.ui.ldaputil;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.ldap.core.AttributesMapper;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.ldap.filter.AndFilter;
+import org.springframework.ldap.filter.EqualsFilter;
+import org.springframework.stereotype.Component;
+
+import javax.naming.directory.SearchControls;
+import java.util.List;
+
+/**
+ * Created by jimi on 2017/12/26.
+ */
+@Component
+public class LdapAuthUtil {
+
+    private static final Logger logger= LoggerFactory.getLogger(LdapAuthUtil.class);
+
+    @Autowired
+    LdapTemplate ldapTemplate;
+
+    public boolean login(String userName, String passWord){
+        AndFilter filter = new AndFilter();
+        filter.and(new EqualsFilter("objectclass", "person"))
+                .and(new EqualsFilter("sAMAccountName", userName));
+        String[] urls = ((YhLdapContextSource) ldapTemplate.getContextSource()).getUrls();
+        logger.info("ldap  urls :{}",urls);
+        return ldapTemplate.authenticate("", filter.toString(), passWord);
+    }
+
+    public LdapUser getUser(String userName){
+        AndFilter filter = new AndFilter();
+        filter.and(new EqualsFilter("objectclass", "person"))
+                .and(new EqualsFilter("sAMAccountName", userName));
+        LdapUser user = null;
+        int SearchScope = SearchControls.SUBTREE_SCOPE;
+        AttributesMapper<LdapUser> attr = new LdapMapUser();
+        List<LdapUser> users=ldapTemplate.search("",filter.toString(), SearchScope, attr);
+        if (users.size() !=0){
+            user=users.get(0);
+        }
+        return user;
+    }
+}
+
+
+

+package com.ui.ldaputil;
+
+import org.springframework.ldap.core.AttributesMapper;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+
+/**
+ * Created by jimi on 2017/12/26.
+ */
+public class LdapMapUser implements AttributesMapper<LdapUser> {
+    @Override
+    public LdapUser mapFromAttributes(Attributes attributes) throws NamingException {
+
+        Attribute attr;
+        LdapUser user = new LdapUser();
+
+        attr = attributes.get("name");
+        user.setName((String) attr.get());
+
+        attr = attributes.get("sAMAccountName");
+        user.setsAMAccountName((String) attr.get());
+//
+//        attr = attributes.get("department");
+//        user.setDepartment((String) attr.get());
+
+        attr = attributes.get("mail");
+        user.setMail((String) attr.get());
+
+        return user;
+    }
+}

+package com.ui.ldaputil;
+
+/**
+ * Created by jimi on 2017/12/26.
+ */
+public class LdapUser {
+
+    private String name;
+    private String sAMAccountName;
+    private String department;
+    private String mail;
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getsAMAccountName() {
+        return sAMAccountName;
+    }
+
+    public void setsAMAccountName(String sAMAccountName) {
+        this.sAMAccountName = sAMAccountName;
+    }
+
+    public String getDepartment() {
+        return department;
+    }
+
+    public void setDepartment(String department) {
+        this.department = department;
+    }
+
+    public String getMail() {
+        return mail;
+    }
+
+    public void setMail(String mail) {
+        this.mail = mail;
+    }
+}

+package com.ui.ldaputil;
+
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.ldap.core.support.LdapContextSource;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+/**
+ * Created by jimi on 2018/1/8.
+ */
+public class YhLdapContextSource extends LdapContextSource implements InitializingBean {
+
+    YhLdapContextSource() {
+        super();
+    }
+
+
+    public void afterPropertiesSet() {
+
+        super.afterPropertiesSet();
+        try {
+            SSLContext ctx = SSLContext.getInstance("TLS");
+            X509TrustManager tm = new X509TrustManager() {
+
+                public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
+                }
+
+                public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
+                }
+
+                public X509Certificate[] getAcceptedIssuers() {
+                    return null;
+                }
+            };
+            ctx.init(null, new TrustManager[]{tm}, null);
+            SSLContext.setDefault(ctx);
+        } catch (Exception ex) {
+            ex.printStackTrace();
+        }
+    }
+
+}

+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+							http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+
+    <bean id="ldapContextSource" class="com.ui.ldaputil.YhLdapContextSource">
+        <!--test      ldaps://yoho01.local:636 -->
+        <!--formal  ldap://yoho01.local:389  -->
+        <property name="url" value="ldap://yoho01.local:389"/>
+        <property name="base" value="dc=yoho01,dc=local"/>
+        <property name="userDn" value="tech@yoho01.local"/>
+        <property name="password" value="3nIiz2Ov38NU"/>
+        <property name="referral" value="follow"></property>
+    </bean>
+
+    <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
+        <property name="contextSource" ref="ldapContextSource"/>
+        <property name="ignorePartialResultException" value="true"/>
+    </bean>
+
+</beans>

@@ -31,7 +31,7 @@
 				<h4 class="text-center mb5">Still not a user?</h4>
 				<h4 class="text-center mb5">Still not a user?</h4>
 				<p class="text-center">Please connect with the admin.</p>
 				<p class="text-center">Please connect with the admin.</p>
 
 
-				<div class="mb30"></div>
+				<div class="mb30" style="color:red">${message}</div>
 
 
 				<form id="loginform" action="<%=basePath %>user/login" method="post">
 				<form id="loginform" action="<%=basePath %>user/login" method="post">
 					<div class="input-group mb15">
 					<div class="input-group mb15">