我将对Asp.Net BoilerPlate项目使用Ldap身份验证。我根据文档创建了以下类:AuthenticationSource.cs,LdapSettingProvider.cs,LdapSettings.cs,CoreModule,LdapConsts.cs。我想从appsettings.json中读取Ldap信息,然后从Ldap进行身份验证。使用Ldap我需要做什么?
public class LdapSettingProvider : SettingProvider
{
public override IEnumerable<SettingDefinition> GetSettingDefinitions(SettingDefinitionProviderContext context)
{
var result = new[]
{
new SettingDefinition(LdapSettingNames.IsEnabled, "true", L("Ldap_IsEnabled"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.ContextType, ContextType.Domain.ToString(), L("Ldap_ContextType"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.Container, null, L("Ldap_Container"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.Domain, null, L("LDAP://10.222.8.20"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.UserName, null, L("Ldap_UserName"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.Password, null, L("Ldap_Password"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false)
};
return result;
}
private static ILocalizableString L(string name)
{
var result = new LocalizableString(name, PkdsLdapConsts.LocalizationLdapSourceName);
return result;
}
}
public class PkdsCoreModule : AbpModule
{
public override void PreInitialize()
{
Configuration.Auditing.IsEnabledForAnonymousUsers = true;
// Declare entity types
Configuration.Modules.Zero().EntityTypes.Tenant = typeof(Tenant);
Configuration.Modules.Zero().EntityTypes.Role = typeof(Role);
Configuration.Modules.Zero().EntityTypes.User = typeof(User);
PkdsLocalizationConfigurer.Configure(Configuration.Localization);
//LDAP buraya eklenecek. Configure buraya eklenecek.
PkdsLdapLocalizationConfigurer.Configure(Configuration.Localization);
Configuration.Settings.Providers.Add<Authentication.LdapSettingProvider>();
IocManager.Register<ILdapSettings, PkdsLdapSettings>();
Configuration.Modules.ZeroLdap().Enable(typeof(LdapAuthenticationSource));
// Enable this line to create a multi-tenant application.
Configuration.MultiTenancy.IsEnabled = PkdsConsts.MultiTenancyEnabled;
// Configure roles
AppRoleConfig.Configure(Configuration.Modules.Zero().RoleManagement);
Configuration.Settings.Providers.Add<AppSettingProvider>();
Configuration.UnitOfWork.OverrideFilter(AbpDataFilters.MayHaveTenant, false);
Configuration.UnitOfWork.OverrideFilter(AbpDataFilters.MustHaveTenant, false);
}
public override void Initialize()
{
IocManager.RegisterAssemblyByConvention(typeof(PkdsCoreModule).GetAssembly());
}
public override void PostInitialize()
{
IocManager.Resolve<AppTimes>().StartupTime = Clock.Now;
}
}
public class PkdsLdapConsts
{
public const string LocalizationLdapSourceName = "Ldap";
public const string ConnectionStringName = "Default";
public const bool MultiTenancyEnabled = false;
}
public class PkdsLdapSettings : ILdapSettings
{
protected ISettingManager SettingManager { get; }
public PkdsLdapSettings(ISettingManager settingManager)
{
SettingManager = settingManager;
}
public virtual Task<bool> GetIsEnabled(int? tenantId)
{
var result = tenantId.HasValue
? SettingManager.GetSettingValueForTenantAsync<bool>(LdapSettingNames.IsEnabled, tenantId.Value)
: SettingManager.GetSettingValueForApplicationAsync<bool>(LdapSettingNames.IsEnabled);
return result;
}
public virtual async Task<ContextType> GetContextType(int? tenantId)
{
var result = tenantId.HasValue
? (await SettingManager.GetSettingValueForTenantAsync(LdapSettingNames.ContextType, tenantId.Value)).ToEnum<ContextType>()
: (await SettingManager.GetSettingValueForApplicationAsync(LdapSettingNames.ContextType)).ToEnum<ContextType>();
return result;
}
public virtual Task<string> GetContainer(int? tenantId)
{
var result = tenantId.HasValue
? SettingManager.GetSettingValueForTenantAsync(LdapSettingNames.Container, tenantId.Value)
: SettingManager.GetSettingValueForApplicationAsync(LdapSettingNames.Container);
return result;
}
public virtual Task<string> GetDomain(int? tenantId)
{
var result = tenantId.HasValue
? SettingManager.GetSettingValueForTenantAsync(LdapSettingNames.Domain, tenantId.Value)
: SettingManager.GetSettingValueForApplicationAsync(LdapSettingNames.Domain);
return result;
}
public virtual Task<string> GetUserName(int? tenantId)
{
var result = tenantId.HasValue
? SettingManager.GetSettingValueForTenantAsync(LdapSettingNames.UserName, tenantId.Value)
: SettingManager.GetSettingValueForApplicationAsync(LdapSettingNames.UserName);
return result;
}
public virtual Task<string> GetPassword(int? tenantId)
{
var result = tenantId.HasValue
? SettingManager.GetSettingValueForTenantAsync(LdapSettingNames.Password, tenantId.Value)
: SettingManager.GetSettingValueForApplicationAsync(LdapSettingNames.Password);
return result;
}
}
public class LdapSettingProvider : SettingProvider
{
public override IEnumerable<SettingDefinition> GetSettingDefinitions(SettingDefinitionProviderContext context)
{
var result = new[]
{
new SettingDefinition(LdapSettingNames.IsEnabled, "true", L("Ldap_IsEnabled"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.ContextType, ContextType.Domain.ToString(), L("Ldap_ContextType"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.Container, null, L("Ldap_Container"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.Domain, null, L("LDAP://10.222.8.20"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.UserName, null, L("Ldap_UserName"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false),
new SettingDefinition(LdapSettingNames.Password, null, L("Ldap_Password"), scopes: SettingScopes.Application | SettingScopes.Tenant, isInherited: false)
};
return result;
}
private static ILocalizableString L(string name)
{
var result = new LocalizableString(name, PkdsLdapConsts.LocalizationLdapSourceName);
return result;
}
}
public class LdapAuthenticationSource : LdapAuthenticationSource<Tenant, User>
{
public LdapAuthenticationSource(ILdapSettings settings, IAbpZeroLdapModuleConfig ldapModuleConfig)
: base(settings, ldapModuleConfig)
{
}
public override Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, Tenant tenant)
{
return base.TryAuthenticateAsync(userNameOrEmailAddress, plainPassword, tenant);
}
}
我必须在LdapSettingProvider中定义什么,然后再进行其他步骤?
答案 0 :(得分:0)
配置了自定义外部身份验证后,Abp将在AbpLoginManager#LoginAsync()中自动处理它
如果您要通过API使用外部身份验证登录,请参见TokenAuthController#ExternalAuthenticate()
否则,有关MVC外部身份验证,请参见AccountController#Login()
关于ABP处理LDAP身份验证的方式,LdapAuthenticationSource#CreatePrincipalContext使用LdapSettingNames连接到设置中配置的LDAP域(请参阅PrincipalContext)。
此身份验证是在AbpLoginManager#LoginAsync()期间通过
Configuration.Modules.ZeroLdap().Enable(typeof(LdapAuthenticationSource));