ActiveDirectory fix

2021-07-28 17:57:13 +08:00
parent 1b773db0cb
commit a34d838b8e
7 changed files with 34 additions and 7 deletions
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/ActiveDirectoryUser.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/ActiveDirectoryUser.java
@@ -30,6 +30,8 @@ import java.util.Arrays;

 public class ActiveDirectoryUser {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "person", "organizationalPerson", "user"));
+	
+	public static String	   objectClass				 	 = "user";
 	/** userAccountControl值得说明
 	 * http://support.microsoft.com/zh-cn/kb/305144
 	 * https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
@@ -117,6 +119,7 @@ public class ActiveDirectoryUser {

 	public static final String CN 							= "cn";
 	public static final String NAME 						= "name";
+	public static final String UID 							= "uid";
 	
 	public static final String GIVENNAME 					= "givenName";
 	public static final String SN 							= "sn";
@@ -145,7 +148,7 @@ public class ActiveDirectoryUser {
 	public static final String SAMACCOUNTNAME 				= "sAMAccountname";
 	public static final String LOGONHOURS 					= "logonHours";
 	public static final String LOGONWORKSTATION 			= "logonWorkstation";
-	public static final String USERACCOUNTCONTROL		 	= "userAccountControl   ";
+	public static final String USERACCOUNTCONTROL		 	= "userAccountControl";
 	public static final String PWDLASTSET 					= "pwdLastSet";
 	public static final String ACCOUNTEXPIRES 				= "accountExpires";
 	
@@ -161,6 +164,10 @@ public class ActiveDirectoryUser {
 	public static final String TITLE 						= "title";
 	public static final String COMPANY 						= "company";
 	public static final String DEPARTMENT 					= "department";
+	public static final String EMPLOYEENUMBER 				= "employeeNumber";
+	public static final String OU 							= "ou";
+	public static final String DEPARTMENTNUMBER 			= "departmentNumber";
+	
 	public static final String MANAGER 						= "manager";
 	public static final String DIRECTREPORTS 				= "directReports";

--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfNames.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfNames.java
@@ -28,6 +28,8 @@ import java.util.Arrays;
 */
 public class GroupOfNames {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "groupOfNames"));
+	
+	public static String	   objectClass				 	 = "groupOfNames";
 	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	public static final String CN                            = "cn";
 	public static final String MEMBER                  		 = "member";
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfUniqueNames.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfUniqueNames.java
@@ -28,6 +28,8 @@ import java.util.Arrays;
 */
 public class GroupOfUniqueNames {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "groupOfUniqueNames"));
+	
+	public static String	   objectClass				 	 = "groupOfUniqueNames";
 	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	public static final String CN                            = "cn";
 	public static final String UNIQUEMEMBER                  = "uniqueMember";
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/InetOrgPerson.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/InetOrgPerson.java
@@ -28,6 +28,8 @@ import java.util.Arrays;
 */
 public class InetOrgPerson {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "person","organizationalPerson","inetOrgPerson"));
+	
+	public static String	   objectClass				 	 = "inetOrgPerson";
 	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	//person sup top
 	/**person sn MUST*/
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/Organization.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/Organization.java
@@ -29,6 +29,7 @@ import java.util.Arrays;
 public class Organization {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "organization"));
 	
+	public static String	   objectClass				 	 = "organization";
 	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	
 	/**Organization o*/
@@ -76,4 +77,7 @@ public class Organization {
 	/**Organization l*/
 	public static final String L                             = "l";
 	
+	//for id
+	public static final String CN                   		 = "cn";
+	
 }
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/OrganizationalUnit.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/OrganizationalUnit.java
@@ -28,6 +28,7 @@ import java.util.Arrays;
 */
 public class OrganizationalUnit {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "OrganizationalUnit"));
+	public static String	   objectClass				 	 = "OrganizationalUnit";
 	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	/**OrganizationalUnit ou*/
 	public static final String OU                         	 = "ou";
@@ -79,4 +80,7 @@ public class OrganizationalUnit {
 	public static final String COUNTRYCODE                   = "countryCode";//156
 	public static final String NAME                   		 = "name";
 	
+	//for id
+	public static final String CN                   		 = "cn";
+	
 }
--- a/maxkey-core/src/main/java/org/maxkey/persistence/ldap/ActiveDirectoryUtils.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/ldap/ActiveDirectoryUtils.java
@@ -34,7 +34,8 @@ public class ActiveDirectoryUtils extends LdapUtils {
    private final static Logger _logger = LoggerFactory.getLogger(ActiveDirectoryUtils.class);

    protected String domain;
-
+    
+    String activeDirectoryDomain;
    /**
     * 
     */
@@ -78,21 +79,26 @@ public class ActiveDirectoryUtils extends LdapUtils {
        props.setProperty(Context.SECURITY_AUTHENTICATION, "simple");

        props.setProperty(Context.PROVIDER_URL, providerUrl);
-        if (domain.indexOf(".") > -1) {
-            domain = domain.substring(0, domain.indexOf("."));
+        
+        if (activeDirectoryDomain == null && domain.indexOf(".") > -1) {
+        	activeDirectoryDomain = domain.substring(0, domain.indexOf("."));
+        }else {
+        	activeDirectoryDomain = domain;
        }
-        _logger.info("PROVIDER_DOMAIN:" + domain);
-        String activeDirectoryPrincipal = domain + "\\" + principal;
+        
+        _logger.info("PROVIDER_DOMAIN:" + activeDirectoryDomain + " for " + domain);
+        String activeDirectoryPrincipal = activeDirectoryDomain + "\\" + principal;
        _logger.debug("Active Directory SECURITY_PRINCIPAL : " + activeDirectoryPrincipal);
        props.setProperty(Context.SECURITY_PRINCIPAL, activeDirectoryPrincipal);
        props.setProperty(Context.SECURITY_CREDENTIALS, credentials);

        if (ssl && providerUrl.toLowerCase().startsWith("ldaps")) {
+        	_logger.info("ldaps security protocol.");
            System.setProperty("javax.net.ssl.trustStore", trustStore);
            System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
            props.put(Context.SECURITY_PROTOCOL, "ssl");
-            props.put(Context.REFERRAL, "follow");
        }
+        props.put(Context.REFERRAL, "follow");

        return InitialDirContext(props);
    }