1.ldap
1.1.ldap服务搭建
docker方式搭建:包含了ldap服务和ldap admin图形化界面服务
ldap admin图形化界面访问地址:http://127.0.0.1:81
用户名:CN=admin,DC=ldap,DC=com 密码:123456(注意:下面docker-compose.yml中的LDAP_ADMIN_PASSWORD为Admin100%,实际登录密码以该环境变量的值为准;示例密码仅用于本地测试)
docker-compose.yml文件内容如下
# Local test stack: an OpenLDAP server plus the phpLDAPadmin web UI on one bridge network.
version: '3'
services:
  ldap:
    # NOTE(review): `latest` is a moving tag; pin an explicit image version so the
    # setup is reproducible and image updates are a deliberate step.
    image: osixia/openldap:latest
    container_name: ldap
    environment:
      - TZ=Asia/Shanghai
      - LDAP_ORGANISATION=ldap
      - LDAP_DOMAIN=ldap.com
      # Password of the directory admin account (cn=admin,dc=ldap,dc=com).
      # It is stored in clear text in this file: treat it as a sample value and
      # supply a real secret from outside the file (env file, secret store).
      - LDAP_ADMIN_PASSWORD=Admin100%
    ports:
      # 389 is plaintext LDAP, 636 is LDAPS. Both are published on every host
      # interface; simple binds over 389 send the password unencrypted.
      - 389:389
      - 636:636
    networks:
      - ldap-net
  ldapui:
    image: osixia/phpldapadmin:latest
    container_name: ldapui
    # NOTE(review): privileged mode gives the container near host-level access.
    # Nothing visible in this file requires it for a web UI; confirm and drop it.
    privileged: true
    environment:
      - TZ=Asia/Shanghai
      # The UI is served over plain HTTP, so the admin login travels unencrypted;
      # acceptable on localhost only.
      - PHPLDAPADMIN_HTTPS=false
      # Resolved through the shared network to the `ldap` service above.
      - PHPLDAPADMIN_LDAP_HOSTS=ldap
    ports:
      - 1443:443
      - 81:80
    depends_on:
      - ldap
    networks:
      - ldap-net
networks:
  ldap-net:
    driver: bridge
1.2.与springboot集成
pom.xml引入
<!-- Spring LDAP support (LdapTemplate, LdapContextSource). No <version> is declared
     here, so it presumably comes from the Spring Boot parent/BOM; confirm. -->
<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-data-ldap</artifactId>
</dependency>
java文件
import lombok.extern.slf4j.Slf4j;
import org.springframework.data.mongodb.core.query.Criteria;
import org.springframework.data.mongodb.core.query.Query;
import org.springframework.ldap.core.AttributesMapper;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.ldap.query.LdapQuery;
import org.springframework.ldap.query.LdapQueryBuilder;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attribute;
import java.util.*;
import java.util.stream.Collectors;
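/**
 * Process-wide holder for a lazily built Spring LDAP {@link LdapTemplate}.
 *
 * <p>Connection settings (URL, base DN, bind DN, bind password) are read from the
 * settings store on first use; {@link #clear()} drops the cached template so the next
 * call rebuilds it from the current settings.
 *
 * <p>Thread-safety: the singleton reference and the cached template are
 * {@code volatile}, and building or clearing the template is serialised on this instance.
 */
@Slf4j
public class LdapConfig {

    // volatile is required for double-checked locking: without it another thread may
    // observe a non-null reference to an object whose construction is not yet visible.
    private static volatile LdapConfig instance;

    private LdapConfig() {}

    /**
     * Returns the single shared instance, creating it on first call.
     *
     * @return the shared {@code LdapConfig}
     */
    public static LdapConfig getInstance() {
        LdapConfig current = instance;
        if (current == null) {
            synchronized (LdapConfig.class) {
                current = instance;
                if (current == null) {
                    current = new LdapConfig();
                    instance = current;
                }
            }
        }
        return current;
    }

    // Cached template; null until first use and again after clear().
    private volatile LdapTemplate ldapTemplate;

    /**
     * Builds the {@link LdapTemplate} from the settings {@code ldapUrl}, {@code ldapBase},
     * {@code ldapUsername} and {@code ldapPassword}.
     *
     * <p>Example values: {@code ldapUrl = "ldap://127.0.0.1:389"},
     * {@code ldapBase = "dc=ldap,dc=com"}, {@code ldapUsername = "cn=admin,dc=ldap,dc=com"}.
     * NOTE(review): an {@code ldap://} URL sends the bind DN and password unencrypted;
     * prefer {@code ldaps://} (or StartTLS) outside a local test setup.
     *
     * @throws I18nServerEndException if a setting is missing or the context source cannot be set up
     */
    private void init() {
        try {
            SettingDao settingDao = (SettingDao) SpringContextUtil.getBean("settingDao");
            Map<String, Object> dataMap =
                    getSettingByKeys(settingDao, "ldapUrl", "ldapBase", "ldapUsername", "ldapPassword");
            String ldapUrl = (String) dataMap.get("ldapUrl");
            String ldapBase = (String) dataMap.get("ldapBase");
            String ldapUsername = (String) dataMap.get("ldapUsername");
            String ldapPassword = (String) dataMap.get("ldapPassword");

            LdapContextSource contextSource = new LdapContextSource();
            contextSource.setUrl(ldapUrl);
            contextSource.setBase(ldapBase);
            contextSource.setUserDn(ldapUsername);
            contextSource.setPassword(ldapPassword);
            contextSource.setPooled(true);

            // Must be set BEFORE afterPropertiesSet(): that call snapshots the JNDI
            // environment when environment caching is enabled (the default), so base
            // properties added afterwards would not reach the contexts it creates.
            Map<String, Object> config = new HashMap<>(1);
            config.put("java.naming.ldap.attributes.binary", "objectGUID");
            contextSource.setBaseEnvironmentProperties(config);
            contextSource.afterPropertiesSet();

            LdapTemplate template = new LdapTemplate(contextSource);
            template.setIgnorePartialResultException(true);
            // Publish only a fully configured template.
            this.ldapTemplate = template;
        } catch (Exception e) {
            log.error("LDAP 服务连接异常", e);
            throw new I18nServerEndException("common.tips_32");
        }
    }

    /**
     * Checks a user's credentials by looking the entry up by {@code uid} and binding as it.
     *
     * @param userName value matched against the {@code uid} attribute
     * @param password the password to bind with
     * @return {@code true} if the bind succeeded; {@code false} if it failed or if
     *         {@code userName} or {@code password} is null or empty
     * @throws I18nServerEndException if the directory cannot be reached or queried
     */
    public boolean verifyUser(String userName, String password) {
        // A simple bind with a DN and an empty password is an "unauthenticated bind",
        // which some directory servers report as success. Reject it up front so a blank
        // password can never authenticate a real user.
        if (userName == null || userName.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        // EqualsFilter escapes LDAP filter metacharacters in the value, so the user name
        // cannot alter the structure of the search filter.
        EqualsFilter ef = new EqualsFilter("uid", userName);
        try {
            return getLdapTemplate().authenticate("", ef.toString(), password);
        } catch (Exception e) {
            log.error("LDAP 服务连接异常", e);
            throw new I18nServerEndException("common.tips_32");
        }
    }

    /**
     * Returns the directory entries whose {@code uid} equals {@code userName}.
     *
     * <p>Each entry is a map from attribute ID to the attribute's first value.
     * NOTE(review): every attribute the bind account can read is copied, which may
     * include credential attributes such as {@code userPassword}; callers should filter
     * the map before returning it to a client.
     *
     * @param userName value matched against the {@code uid} attribute
     * @return one map per matching entry
     * @throws I18nServerEndException if the directory cannot be reached or queried
     */
    public List<Map<String, Object>> fetchUserList(String userName) {
        // The query builder encodes the value, as EqualsFilter does in verifyUser.
        LdapQuery query = LdapQueryBuilder.query().where("uid").is(userName);
        try {
            // The cast selects the AttributesMapper overload of search().
            return getLdapTemplate().search(query, (AttributesMapper<Map<String, Object>>) (attributes) -> {
                Map<String, Object> entry = new HashMap<>();
                NamingEnumeration<? extends Attribute> all = attributes.getAll();
                while (all.hasMore()) {
                    Attribute attribute = all.next();
                    entry.put(attribute.getID(), attribute.get());
                }
                return entry;
            });
        } catch (Exception e) {
            log.error("LDAP 服务连接异常", e);
            throw new I18nServerEndException("common.tips_32");
        }
    }

    /**
     * Loads the settings with the given keys and returns them as a key-to-value map.
     *
     * @param settingDao DAO used to query the settings
     * @param keys       the setting keys that must all be present
     * @return map from setting key to setting value
     * @throws I18nServerEndException if the number of rows differs from the number of
     *         keys, or if any requested key is absent from the result
     */
    private Map<String, Object> getSettingByKeys(SettingDao settingDao, String... keys) {
        int expected = keys.length;
        List<Criteria> criteriaList = new ArrayList<>(expected);
        for (String key : keys) {
            criteriaList.add(Criteria.where("key").is(key));
        }
        List<Setting> settingList = settingDao.fetchList(new Query(new Criteria().orOperator(criteriaList)));
        if (settingList == null || settingList.size() != expected) {
            throw new I18nServerEndException("common.tips_32");
        }
        Map<String, Object> byKey = settingList.stream()
                .collect(Collectors.toMap(Setting::getKey, Setting::getValue, (a, b) -> b));
        // The row count alone does not prove completeness: a duplicated key can hide a
        // missing one, which would otherwise surface later as a null connection setting.
        for (String key : keys) {
            if (!byKey.containsKey(key)) {
                throw new I18nServerEndException("common.tips_32");
            }
        }
        return byKey;
    }

    /**
     * Returns the cached template, building it on first use.
     *
     * @return the configured template, never {@code null}
     * @throws I18nServerEndException if the template cannot be built
     */
    private LdapTemplate getLdapTemplate() throws I18nServerEndException {
        LdapTemplate template = ldapTemplate;
        if (template == null) {
            // Same monitor as clear(), so a concurrent clear() cannot null the field
            // between init() and the read below.
            synchronized (this) {
                template = ldapTemplate;
                if (template == null) {
                    init();
                    template = ldapTemplate;
                }
            }
        }
        return template;
    }

    /** Drops the cached template so the next call rebuilds it from the current settings. */
    public synchronized void clear() {
        this.ldapTemplate = null;
    }
}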
2.sftp
2.1.sftp服务搭建
docker-compose方式搭建
# Local test SFTP server.
version: '3'
services:
  sftp:
    # NOTE(review): no tag is given, so this resolves to `latest`; pin a version.
    image: atmoz/sftp
    volumes:
      # Host ./test becomes the user's home directory inside the container.
      - ./test/:/home/foo/
    ports:
      # Host port 2222 maps to the container's SSH port 22.
      - "2222:22"
    # NOTE(review): privileged mode gives the container near host-level access.
    # Nothing visible in this file requires it; confirm and drop it.
    privileged: true
    # user:password:uid. The password is in clear text and trivially guessable:
    # treat it as a sample value for local testing only.
    command: foo:123456:1002
镜像作者的设定应该是把映射目录作为根目录(监狱),根目录(./test)是不能有写权限的,需要在下面再建一个子目录.
./test文件夹授权755,在test目录下再新建一个文件夹,比如upload, 把需要上传的文件放置在upload中,并且修改upload权限为777,例如:
# Create the writable upload directory below the non-writable root (./test).
mkdir upload
# NOTE(review): 777 makes the directory writable by every account on the host.
# For anything beyond a local test, give ownership to the SFTP user's UID
# (1002 in the compose file above) and use a narrower mode such as 755.
chmod 777 upload
2.2.与springboot集成
pom.xml引入
<!-- SSH/SFTP client library.
     NOTE(review): com.jcraft:jsch 0.1.55 is the last release of the original project
     and no longer receives fixes; the maintained fork is published under
     com.github.mwiede:jsch. Evaluate switching before relying on this. -->
<dependency>
  <groupId>com.jcraft</groupId>
  <artifactId>jsch</artifactId>
  <version>0.1.55</version>
</dependency>
<!-- Stream and file helper utilities.
     NOTE(review): 2.8.0 is an old release; check the project's release notes and
     security advisories and move to a current version. -->
<dependency>
  <groupId>commons-io</groupId>
  <artifactId>commons-io</artifactId>
  <version>2.8.0</version>
</dependency>
java文件
import com.jcraft.jsch.*;
import lombok.extern.slf4j.Slf4j;
i