代码参考:https://github.com/chocolateBlack/db2Ldap
QQ群:223460081
将关系型数据库中的组织机构同步到LDAP中
1、获取关系型DB中组织机构关系
2、生成树型数据结构(因数据库不同,获取、生成树形结构方式不同)
3、按树形结构,自上而下向LDAP增加组织结构节点
4、获取关系型数据库中用户与组织机构关联关系。
5、LDAP增加用户节点
环境相关配置
applicationContext.xml 工程环境spring配置文件
<?xml version="1.0" encoding="UTF-8"?>
<!--
  ~ Copyright 2005-2013 the original author or authors.
  ~
  ~ Licensed under the Apache License, Version 2.0 (the "License");
  ~ you may not use this file except in compliance with the License.
  ~ You may obtain a copy of the License at
  ~
  ~ http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing, software
  ~ distributed under the License is distributed on an "AS IS" BASIS,
  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  ~ See the License for the specific language governing permissions and
  ~ limitations under the License.
  -->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:ldap="http://www.springframework.org/schema/ldap"
       xmlns:p="http://www.springframework.org/schema/p"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/ldap http://www.springframework.org/schema/ldap/spring-ldap.xsd">

    <!--
        One placeholder configurer per properties file.
        system-properties-mode="OVERRIDE" lets a JVM system property with the same name take
        precedence over the value in the file, so a deployment can supply the LDAP and JDBC
        credentials from outside the packaged properties files.
        ignore-unresolvable="true" leaves a placeholder this configurer cannot resolve in place,
        so the other configurer gets a chance to resolve it.
    -->
    <context:property-placeholder location="classpath:/ldap.properties"
                                  system-properties-mode="OVERRIDE"
                                  ignore-unresolvable="true" />
    <context:property-placeholder location="classpath:/db.properties"
                                  system-properties-mode="OVERRIDE"
                                  ignore-unresolvable="true" />

    <context:annotation-config />

    <!--
        Connection to the target directory. URL, bind DN, password and base DN are all resolved
        from placeholders. When sample.ldap.url is a plain ldap:// URL, the bind password crosses
        the network unencrypted unless StartTLS is negotiated; prefer an ldaps:// URL.
        The bind account only needs write access to the subtree being synchronized, so a
        dedicated service account is a better fit than the directory administrator.
    -->
    <ldap:context-source id="contextSource"
                         password="${sample.ldap.password}"
                         url="${sample.ldap.url}"
                         username="${sample.ldap.userDn}"
                         base="${sample.ldap.base}" />

    <ldap:ldap-template id="ldapTemplate" context-source-ref="contextSource" />

    <!--
        This will scan the org.springframework.ldap.samples.useradmin.domain package for interfaces
        extending CrudRepository (in our case, LdapRepository), automatically creating repository
        beans based on these interfaces.
    -->
    <ldap:repositories base-package="org.springframework.ldap.samples.useradmin.domain" />

    <!--
        This one will never be referenced directly, but the ldap:repositories tag will make sure
        it will be 'wired in', because the GroupRepo interface extends from an interface that GroupRepoImpl
        implements.
    -->
    <bean class="org.springframework.ldap.samples.useradmin.domain.impl.GroupRepoImpl" />
    <bean class="org.springframework.ldap.samples.useradmin.domain.impl.DepartmentRepoImpl" />

    <!-- Service used to create user entries; directoryType comes from ldap.properties. -->
    <bean id="userService" class="org.springframework.ldap.samples.useradmin.service.UserService">
        <property name="directoryType" value="${sample.ldap.directory.type}" />
    </bean>

    <!-- Service used to create organization entries; same directoryType setting as userService. -->
    <bean id="orgService" class="org.springframework.ldap.samples.useradmin.service.OrganizationService">
        <property name="directoryType" value="${sample.ldap.directory.type}" />
    </bean>

    <!-- Required to make sure BaseLdapName is populated in UserService -->
    <bean class="org.springframework.ldap.core.support.BaseLdapPathBeanPostProcessor" />

    <beans profile="no-apacheds">
        <!--
            Populates the LDAP server with initial data.
            LdifPopulator lives in the spring-ldap test support package (org.springframework.ldap.test).
            While the no-apacheds profile is active it loads classpath:/setup_data.ldif into whatever
            server contextSource points at.
            NOTE(review): the clean flag presumably clears existing entries below the base before
            loading; confirm its effect, and keep this profile off when contextSource targets a
            directory that holds real data.
        -->
        <bean class="org.springframework.ldap.test.LdifPopulator">
            <property name="contextSource" ref="contextSource" />
            <property name="resource" value="classpath:/setup_data.ldif" />
            <property name="base" value="${sample.ldap.base}" />
            <property name="clean" value="${sample.ldap.clean}" />
            <property name="defaultBase" value="dc=example,dc=com" />
        </bean>
    </beans>

    <!--
        relational database configuration
        Driver, URL and credentials are resolved from db.properties.
        NOTE(review): the steps described for this sync only read organization and user data from
        the database, so the account configured here presumably needs no write access; confirm
        and use a read-only account if so.
    -->
    <beans>
        <bean id="jdbcTemplate"
              class="org.springframework.jdbc.core.JdbcTemplate"
              p:dataSource-ref="dataSource" />

        <!-- Pooled data source; destroy-method="close" releases the pool when the context shuts down. -->
        <bean id="dataSource" destroy-method="close" class="org.apache.commons.dbcp.BasicDataSource">
            <property name="driverClassName" value="${jdbc.driverClassName}" />
            <property name="url" value="${jdbc.url}" />
            <property name="username" value="${jdbc.username}" />
            <property name="password" value="${jdbc.password}" />
        </bean>
    </beans>
</beans>
db.properties 关系型数据库相关配置
# JDBC settings resolved by the ${jdbc.*} placeholders of the dataSource bean.
# NOTE(review): the password is stored here in clear text. Keep real credentials out of
# version control and supply them at deploy time; the Spring configuration on this page lets
# a JVM system property of the same name take precedence over the value in this file.
jdbc.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
# NOTE(review): the URL does not ask for an encrypted connection (the driver's "encrypt"
# connection property), so transport protection depends on driver and server defaults; confirm.
jdbc.url=jdbc:sqlserver://192.168.10.10;database=hr
# NOTE(review): the sync described on this page only reads from the database; an account
# named "admin" presumably holds more privileges than that requires.
jdbc.username=admin
jdbc.password=admin
ldap.properties,LDAP相关配置
# NOTE(review): a property-placeholder file is not where Spring normally reads
# spring.profiles.active from (system property, environment variable or servlet parameter);
# confirm how the no-apacheds profile is really activated. That profile enables the
# LdifPopulator bean, which loads setup_data.ldif into the server configured below.
spring.profiles.active=no-apacheds
# ldap:// on port 389 is unencrypted: a simple bind sends the password below in clear text
# unless StartTLS is negotiated. Prefer an ldaps:// URL for anything beyond a lab setup.
sample.ldap.url=ldap://192.168.14.50:389
# NOTE(review): cn=Manager looks like the directory's administrative account. The sync only
# needs write access to its own subtree, so a dedicated service account would limit exposure.
sample.ldap.userDn=cn=Manager,dc=openldap,dc=jw,dc=cn
# Clear-text bind password. If this value was ever used on a real server it should be treated
# as disclosed and rotated; supply the real one at deploy time rather than in this file.
sample.ldap.password=G0qGH9123
sample.ldap.base=dc=openldap,dc=jw,dc=cn
sample.ldap.directory.type=NORMAL
# NOTE(review): sample.ldap.clean, referenced by the LdifPopulator bean in the Spring
# configuration, is not defined in this listing.
部分代码
/**
 * Creates a three-level chain of {@code organizationalUnit} entries using plain JNDI
 * attributes (no entity mapping).
 */
@Test
public void createNode() {
    // All three nodes carry the same object classes, so one attribute set is reused.
    BasicAttribute objectClasses = new BasicAttribute("objectclass");
    objectClasses.add("organizationalUnit");
    objectClasses.add("top");
    Attributes unitAttrs = new BasicAttributes();
    unitAttrs.put(objectClasses);

    // Listed top-down: each parent is bound before the entry below it.
    String[] dnsTopDown = {
        "ou=业务",
        "ou=事业部, ou=业务",
        "ou=项目组,ou=事业部, ou=业务"
    };
    for (String dn : dnsTopDown) {
        ldapTemplate.bind(dn, null, unitAttrs);
    }
}
/**
 * Adds a user entry using plain JNDI attributes (no entity mapping).
 */
@Test
public void createU() {
    BasicAttribute objectClasses = new BasicAttribute("objectclass");
    objectClasses.add("top");
    objectClasses.add("organizationalPerson");
    objectClasses.add("shadowAccount");

    Attributes userAttrs = new BasicAttributes();
    userAttrs.put(objectClasses);
    // NOTE(review): userPassword is sent as the literal string. Whether the directory stores
    // it hashed depends on server-side configuration; real sync code should not rely on that
    // without checking, and should never reuse a placeholder value like this one.
    userAttrs.put("userPassword", "12");
    userAttrs.put("sn", "12");
    userAttrs.put("uid", "12");

    // ldapTemplate.bind("ou=IT", null, attr);// buildDN() function
    final String userDn = "cn=123,ou=A项目组,ou=A事业部, ou=业务";
    ldapTemplate.bind(userDn, null, userAttrs);
}
/**
 * Adds an organization through the {@code @Entry}-annotated {@link JWOrganization} class.
 * Two routes are possible: the {@code orgService} call used here, or the direct
 * {@code ldapTemplate.create} call kept below as a comment.
 */
@Test
public void createOrganization() {
    final JWOrganization unit = new JWOrganization();
    // The String overload of setId parses the text into an LDAP name.
    unit.setId("ou=1, ou=事业部, ou=业务");

    orgService.createJWOrg(unit);
    // Alternative without the service layer:
    // ldapTemplate.create(unit);
}
/**
 * Creates a user through the {@code @Entry}-annotated {@link JWUser} class and then adds
 * that user to a group.
 */
@Test
public void createUser() {
    final JWUser account = new JWUser();
    account.setId("cn=111, ou=事业部, ou=业务");

    // Identity attributes.
    account.setUid("123");
    account.setEmployeeNumber("123");
    account.setLastName("lastName");
    account.setTitle("title");

    // Contact attributes.
    account.setEmail("123@126.com");
    account.setPhone("123");

    // NOTE(review): JWUser maps this field straight onto the userPassword attribute. The value
    // resembles a digest but has no scheme prefix, so the directory presumably treats it as
    // the literal password; confirm what userService does with it before writing.
    account.setUserPassword("c9c4c39a6ce34112314ba89c1e777");

    userService.createJWUser(account);
    addMemberToGroup(account);
    // Alternative without the service layer:
    // ldapTemplate.create(account);
}
组织机构类JWOrganization
package
org.springframework.ldap.samples.useradmin.domain;
import
java.util.ArrayList;
import
java.util.List;
import
javax.naming.Name;
import
org.springframework.data.domain.Persistable;
import
org.springframework.ldap.odm.annotations.Attribute;
import
org.springframework.ldap.odm.annotations.DnAttribute;
import
org.springframework.ldap.odm.annotations.Entry;
import
org.springframework.ldap.odm.annotations.Id;
import
org.springframework.ldap.odm.annotations.Transient;
import
org.springframework.ldap.support.LdapUtils;
/**
 * Organization node mapped to an LDAP entry with object classes
 * {@code organizationalUnit} and {@code top}.
 *
 * <p>Only {@code id} (the entry's name) and {@code fullName} (the {@code ou} attribute, also
 * used as a DN attribute) are mapped to the directory. The {@code org*} fields and
 * {@code children} are marked {@code @Transient} and are therefore not written to LDAP;
 * they presumably carry the values read from the relational source while the tree is built.
 *
 * @author jgh
 */
@Entry(objectClasses = {"organizationalUnit", "top"})
public final class JWOrganization implements Persistable<Name> {

    private static final long serialVersionUID = 1L;

    // ---- fields mapped to the directory ----

    @Id
    private Name id;

    @Attribute(name = "ou")
    @DnAttribute(value = "ou")
    private String fullName;

    // ---- in-memory only (not persisted) ----

    @Transient
    private String orgCode;

    @Transient
    private String orgName;

    @Transient
    private String orgParentCode;

    @Transient
    private String orgType;

    @Transient
    private List<JWOrganization> children = new ArrayList<JWOrganization>();

    /** Creates an empty organization; all fields are filled in through the setters. */
    public JWOrganization() {
    }

    /**
     * Creates an organization from its source values. {@code fullName} is initialised to
     * {@code orgName}.
     */
    public JWOrganization(String orgCode, String orgName,
            String orgParentCode, String orgType) {
        this.orgCode = orgCode;
        this.orgName = orgName;
        this.fullName = orgName;
        this.orgParentCode = orgParentCode;
        this.orgType = orgType;
    }

    // ---- identity ----

    @Override
    public Name getId() {
        return id;
    }

    public void setId(Name id) {
        this.id = id;
    }

    /** Sets the id from its string form, parsed with {@code LdapUtils.newLdapName}. */
    public void setId(String id) {
        this.id = LdapUtils.newLdapName(id);
    }

    /**
     * Always reports the entity as new.
     *
     * <p>An id-based check existed earlier and was disabled:
     * {@code id == null || StringUtils.isBlank(String.valueOf(id))}.
     * NOTE(review): with a constant {@code true}, a repository save presumably always attempts
     * a create, so re-running the sync against entries that already exist would likely fail
     * instead of updating them; confirm.
     */
    @Override
    public boolean isNew() {
        return true;
    }

    // ---- mapped attribute ----

    public String getFullName() {
        return fullName;
    }

    public void setFullName(String fullName) {
        this.fullName = fullName;
    }

    // ---- transient source data ----

    public String getOrgCode() {
        return orgCode;
    }

    public void setOrgCode(String orgCode) {
        this.orgCode = orgCode;
    }

    public String getOrgName() {
        return orgName;
    }

    public void setOrgName(String orgName) {
        this.orgName = orgName;
    }

    public String getOrgParentCode() {
        return orgParentCode;
    }

    public void setOrgParentCode(String orgParentCode) {
        this.orgParentCode = orgParentCode;
    }

    public String getOrgType() {
        return orgType;
    }

    public void setOrgType(String orgType) {
        this.orgType = orgType;
    }

    /** Returns the live child list (not a copy). */
    public List<JWOrganization> getChildren() {
        return children;
    }

    public void setChildren(List<JWOrganization> children) {
        this.children = children;
    }
}
用户类
/*
* Copyright 2005-2013 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.ldap.samples.useradmin.domain;
import javax.naming.Name;
import org.springframework.data.domain.Persistable;
import org.springframework.ldap.odm.annotations.Attribute;
import org.springframework.ldap.odm.annotations.DnAttribute;
import org.springframework.ldap.odm.annotations.Entry;
import org.springframework.ldap.odm.annotations.Id;
import org.springframework.ldap.support.LdapUtils;
/**
 * User mapped to an LDAP entry with object classes {@code inetOrgPerson},
 * {@code organizationalPerson}, {@code person}, {@code top} and {@code shadowAccount}.
 *
 * <p>Equality and hash code are based on {@code id} alone.
 *
 * @author Mattias Hellborg Arthursson
 */
@Entry(objectClasses = {"inetOrgPerson", "organizationalPerson", "person", "top", "shadowAccount"})
public final class JWUser implements Persistable<Name> {

    private static final long serialVersionUID = 1L;

    @Id
    private Name id;

    @Attribute(name = "cn")
    @DnAttribute(value = "cn")
    private String fullName;

    @Attribute(name = "employeeNumber")
    private String employeeNumber;

    @Attribute(name = "sn")
    private String lastName;

    @Attribute(name = "title")
    private String title;

    @Attribute(name = "mail")
    private String email;

    @Attribute(name = "telephoneNumber")
    private String phone;

    @Attribute(name = "uid")
    private String uid;

    // Mapped straight onto the userPassword attribute; nothing in this class hashes or
    // otherwise transforms the value, so callers decide what is written to the directory.
    @Attribute(name = "userPassword")
    private String userPassword;

    // ---- identity ----

    @Override
    public Name getId() {
        return id;
    }

    public void setId(Name id) {
        this.id = id;
    }

    /** Sets the id from its string form, parsed with {@code LdapUtils.newLdapName}. */
    public void setId(String id) {
        this.id = LdapUtils.newLdapName(id);
    }

    /** Always reports the entity as new. */
    @Override
    public boolean isNew() {
        return true;
    }

    // ---- mapped attributes ----

    public String getFullName() {
        return fullName;
    }

    public void setFullName(String fullName) {
        this.fullName = fullName;
    }

    public String getLastName() {
        return lastName;
    }

    public void setLastName(String lastName) {
        this.lastName = lastName;
    }

    public String getEmployeeNumber() {
        return employeeNumber;
    }

    public void setEmployeeNumber(String employeeNumber) {
        this.employeeNumber = employeeNumber;
    }

    public String getTitle() {
        return title;
    }

    public void setTitle(String title) {
        this.title = title;
    }

    public String getEmail() {
        return email;
    }

    public void setEmail(String email) {
        this.email = email;
    }

    public String getPhone() {
        return phone;
    }

    public void setPhone(String phone) {
        this.phone = phone;
    }

    public String getUid() {
        return uid;
    }

    public void setUid(String uid) {
        this.uid = uid;
    }

    public String getUserPassword() {
        return userPassword;
    }

    public void setUserPassword(String userPassword) {
        this.userPassword = userPassword;
    }

    // ---- value semantics ----

    /** Two users are equal when they are of the same class and their ids are equal (or both null). */
    @Override
    public boolean equals(Object o) {
        if (o == this) {
            return true;
        }
        if (o == null || o.getClass() != getClass()) {
            return false;
        }
        JWUser other = (JWUser) o;
        if (id == null) {
            return other.id == null;
        }
        return id.equals(other.id);
    }

    /** Hash of the id, or 0 when no id is set. */
    @Override
    public int hashCode() {
        if (id == null) {
            return 0;
        }
        return id.hashCode();
    }
}
本文转自巧克力黒 51CTO博客,原文链接:http://blog.51cto.com/10120275/1915562,如需转载请自行联系原作者