如何按人名搜索LDAP?

时间:2010-12-01 07:59:38

标签: ldap

我收到此错误消息

 org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'cn=Kirsi'
 org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:659)
 org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:552)
 javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
 javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
 org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:143)
 org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
 org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
 org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
 org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)

根本原因

org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'cn=Kirsi'
 org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:172)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:306)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:624)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:535)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:462)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:483)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:503)
 fi.utu.userdetails.LdapManager.findByNameWildCard(LdapManager.java:43)
 net.viralpatel.spring3.controller.ResearcherController.addresearcher(ResearcherController.java:40)
 sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 java.lang.reflect.Method.invoke(Method.java:597)
 org.springframework.web.bind.annotation.support.HandlerMethodInvoker.doInvokeMethod(HandlerMethodInvoker.java:710)
 org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:167)
 org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:414)
 org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:402)
 org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
 org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
 org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:647)
 org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:552)
 javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
 javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
 org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:143)
 org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
 org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
 org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
 org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)

根本原因

javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'cn=Kirsi'
 com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
 com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
 com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
 com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1826)
 com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1749)
 com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
 com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
 javax.naming.directory.InitialDirContext.search(InitialDirContext.java:257)
 org.springframework.ldap.core.LdapTemplate$3.executeSearch(LdapTemplate.java:231)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:293)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:624)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:535)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:462)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:483)
 org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:503)
 fi.utu.userdetails.LdapManager.findByNameWildCard(LdapManager.java:43)
 net.viralpatel.spring3.controller.ResearcherController.addresearcher(ResearcherController.java:40)
 sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 java.lang.reflect.Method.invoke(Method.java:597)
 org.springframework.web.bind.annotation.support.HandlerMethodInvoker.doInvokeMethod(HandlerMethodInvoker.java:710)
 org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:167)
 org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:414)
 org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:402)
 org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
 org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
 org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:647)
 org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:552)
 javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
 javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
 org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:143)
 org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
 org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
 org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110)
 org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
 org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)

通过谷歌搜索我发现这是因为配置了dn。我试图将其从contextSource中移除,但没有任何帮助。 ContextSource

<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
  <property name="url" value=" ldap://ldap.utu.fi " />
  <property name="base" value="dc=utu,dc=fi" />
  <property name="userDn" value="uid=sysbind,ou=special users,dc=utu,dc=fi" />
  <property name="password" value="footogsEp2" />
</bean>

上课:

package fi.utu.userdetails;

import java.util.List;

import javax.naming.NamingException;
import javax.naming.directory.Attributes;

import org.springframework.ldap.core.AttributesMapper;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.AbstractContextMapper;
import org.springframework.ldap.filter.AndFilter;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.ldap.filter.OrFilter;


public class LdapManager {

private LdapTemplate ldap;
private final static String[] PERSON_ATTRS =
    new String[]{"uid", "mail",  "givenName", "sn","cn"};

public LdapManager(LdapTemplate template) {
     this.ldap = template;
}

public List<Person> findByNameWildCard(String fullname) {
    DistinguishedName dn = new DistinguishedName();
    dn.add("cn", fullname);

    AndFilter andFilter = new AndFilter();
    andFilter.and(new EqualsFilter("objectclass", "person"));
    OrFilter affiliationFilter = new OrFilter(); 
    return ldap.search(dn, andFilter.encode(), new PersonContextMapper());
}


private class PersonAttributesMapper implements AttributesMapper {
    public Object mapFromAttributes(Attributes attrs) throws NamingException {
      String uid = (String) attrs.get("uid").get();
      String mail = (String) attrs.get("mail").get();
      String lastname = (String) attrs.get("sn").get();
      String firstname = (String) attrs.get("givenName").get();
      String fullname = (String) attrs.get("cn").get();
      //String status = (String) attrs.get("inetUserStatus").get();

      Person person = new Person();
      person.setLname(lastname);
      person.setFname(firstname);
      person.setEmail(mail);
      person.setUsername(uid);
      person.setFullname(fullname);
      return person;
    }
}

  private static class PersonContextMapper extends AbstractContextMapper {
    @Override
    protected Object doMapFromContext(DirContextOperations context) {
      Person person = new Person();
      person.setUsername(context.getStringAttribute("uid"));
      person.setEmail((context.getStringAttribute("mail")));
      person.setLname((context.getStringAttribute("sn")));
      person.setFname(context.getStringAttribute("givenName"));
      person.setFname(context.getStringAttribute("cn"));

      return person;
    }
  }
}

有什么问题?

1 个答案:

答案 0 :(得分:1)

从这个错误看,你没有使用用户的完整DN,只是cn = kirsi片段。

您需要先根据某些内容(用户名,电子邮件)查询用户的完整DN,然后尝试与之绑定。