ArtifactoryOSSLDAP-测试成功,但无法登录。
这可能是由于用户没有正确配置或没有分配正确的LDAP组所导致的。您可以使用以下代码示例解决此问题:
- 检查LDAP用户的dn
String searchFilter = "(&(objectClass=user)(sAMAccountName=" + userDN + "))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration
- 验证用户LDAP组
ModificationItem[] modificationItems = new ModificationItem[2]; modificationItems[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute("member", userDN)); modificationItems[1] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("member", userDN));
// 在LDAP中查找组
String searchFilter = "(&(objectClass=group)(sAMAccountName=" + groupName + "))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration
if (results.hasMoreElements()) { SearchResult searchResult = results.nextElement(); String groupDN = searchResult.getNameInNamespace();
try {
// 验证用户是否为组成员
Attributes attributes = ldapContext.getAttributes(groupDN, new String[]{"member"});
Attribute members = attributes.get("member");
if (members != null && members.contains(userDN)) {
// 用户已是该组成员
return;
} else {
// 没有找到user DN或找到但没有在给定组中
ldapContext.modifyAttributes(groupDN, modificationItems);
}
} catch (NamingException e) {
// 处理异常,LDAP验证失败
}
} else { // 处理异常,未找到组 }
通过上述方法,您可以在LDAP中正确配置用户和组,并解决Artifactory OSS登录LDAP的问题。