java 如何从 ldap DirContextOperations 获取 memberOf 属性
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15436103/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do I Get memberOf attribute from ldap DirContextOperations
提问by jonnie
I am tring to get a list of groups a user is a member of, currently I can get most attributes as follows
我正在尝试获取用户所属组的列表,目前我可以获得以下大多数属性
CustomLdapUserDetails.Essence essence = new CustomLdapUserDetails.Essence();
essence.setDn(dn);
Object passwordValue = ctx.getObjectAttribute(passwordAttributeName);
String givennameValue = (String)ctx.getObjectAttribute("givenname");
String snValue = (String)ctx.getObjectAttribute("sn");
String titleValue = (String)ctx.getObjectAttribute("title");
essence.setFirstname(givennameValue);
essence.setLastname(snValue);
but I cannot figure out how to get the memberOf attribute. If I output the whole DirContextOperations as a String I get the following
但我不知道如何获得 memberOf 属性。如果我将整个 DirContextOperations 输出为字符串,我会得到以下结果
org.springframework.ldap.core.DirContextAdapter: dn=uid=emp123 {rdn=uid=emp123,
whenCreated=20110816063203.0Z,
objectCategory=CN=fompanyPerson,CN=Schema,CN=Configuration,CN={9F17F445-56C4-42D9-
B7C6-B630FFEA7F07}, badPwdCount=0, otherTelephone=123-456789, businessUnit=IREIRE BU,
ntAccount=DMN1\emp123, managerID=emp987, objectGUID=5?
?e6A??????/, [email protected], uid=emp123, companyWorkRelationship=EMP,
memberOf[0]=CN=ABC IREIRE,OU=AutoGroups,DC=entdir,DC=gtn,DC=com,
memberOf[1]=CN=azgEntJazzUsers,OU=AutoGroups,DC=entdir,DC=gtn,DC=com, companySite=DBL,
companyCostCenter=91827, companyBusinessGroup=IREIRE BG, ntDomain=DMN1, instanceType=4,
corpID=emp123, objectSid= I???&?C?k?J???????, st=XX, badPasswordTime=0, vdejoindn=P-
ENTDIRXXX-1:uid=emp123,DC=entdirXXX,DC=gtn,DC=com, companySourceSystem=C-WORKSYSTEM,
objectClass[0]=top, objectClass[1]=person, objectClass[2]=organizationalPerson,
objectClass[3]=user, objectClass[4]=inetOrgPerson, objectClass[5]=fompanyPerson,
company=ABC DEV, name=emp123, sn=Smith, exchangeAlias=emp123, telephoneNumber=1-987-6543,
ntDomainRelative=DMN1, uSNChanged=999111, physicalDeliveryOfficeName=DXI,
ntAccountRelative=DMN1\emp123, cn=Smith, John, exchangeServer=someServer,
documentumUserName=Smith JOHN emp123, title=SOFTWARE ENGINEER/DEVELOPER,
[email protected], msDS-UserAccountDisabled=TRUE,
managerName=Bloggs, Joe, givenName=John, uSNCreated=18418957, displayName=Smith, John,
pwdLastSet=629579433359695509, fompanyPersonStatus=A, whenChanged=20120266070711.0Z,
o=IREIRE BU, distinguishedName=uid=emp123,DC=entdirXXX,DC=gtn,DC=com, eDARevoke=N,
division=SEF-GL , manager=uid=emp987,DC=entdirXXX,DC=gtn,DC=com,
exchangeDirectory=SMXZG1DB, samAccountName=emp123, sametimeServer=cvxcluster}
What I need to get is the CN value of each memberOf into an array of Strings, I have tried:
我需要得到的是每个 memberOf 的 CN 值到一个字符串数组中,我试过:
ctx.getObjectAttribute("memberOf[1]"))
ctx.getObjectAttribute("memberOf"))
ctx.getObjectAttribute("memberOf=CN"))
I've seen examples online of setting but I could not find any examples of getting, is it really that much more complex then getting the other Attributes?
我在网上看过设置的例子,但我找不到任何获取的例子,它真的比获取其他属性复杂得多吗?
Any advice would be greatly appreciated
任何建议将不胜感激
回答by zagyi
回答by jwilleke
Are you using Active Directory as your LDAP provider? Not all LDAP providers have a memberOF attribute on the user.
您是否使用 Active Directory 作为 LDAP 提供程序?并非所有 LDAP 提供程序都对用户具有 memberOF 属性。
The proper method to get groups of a user would be to search groups for a filter like:
获取用户组的正确方法是在组中搜索过滤器,例如:
(member=<fully distinguished name of user>)
Returning attribute "CN".
返回属性“CN”。
