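I am using ApacheDS as the directory server and UnboundID as the LDAP SDK for entering users and their related groups. I am following the link below, where the CompareRequest method is used to find out whether a user is a member of a specific group or not. Searching for a user in a group on an ApacheDS server using the UnboundID SDK:
http://ldapwiki.willeke.com/wiki/Tips%20using%20UnboundID%20LDAP%20SDK
The code I wrote for this method looks like this: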
    // input ---- uid = "rohit.joshi" and groupName = "Java"
    public boolean isUserMemberOfGroup(String uid, String groupName) {
        boolean answ = false;
        LDAPConnection connection = connect();
        try {
            // userDN -- uid=rohit.joshi,ou=users,o=wipro
            String userDN = "uid=" + uid + ",ou=users," + LDAP_BASE_DN;
            // groupDN -- cn=Java,ou=groups,o=wipro
            String groupDN = "cn=" + groupName + ",ou=groups," + LDAP_BASE_DN;
            // Compare request as posted: entry = userDN, attribute = uniqueMember, value = groupDN
            CompareRequest compareRequest = new CompareRequest(userDN, "uniqueMember", groupDN);
            CompareResult compareResult = connection.compare(compareRequest);
            // Return the compare outcome instead of always returning false
            answ = compareResult.compareMatched();
            if (answ) {
                // The user is a member of the group.
                System.out.println("user is a member of group");
            }
            else {
                // The user is not a member of the group.
                System.out.println("user is not a member of group");
            }
        } catch (LDAPException e) {
            e.printStackTrace();
        }
        return answ;
    }
    CREATING LDAP CONNECTOR
    Connection with LDAP Server Established : true
    LDAPException(resultCode=16 (no such attribute), errorMessage='NO_SUCH_ATTRIBUTE: failed for MessageType : COMPARE_REQUEST
    Message ID : 1
    Compare request
    Entry : 'uid=mahesh.joshi,ou=users,o=wipro'
    Attribute description : 'uniqueMember'
    Attribute value : 'cn=Java,ou=groups,o=wipr[email protected]1d9123e1: null', diagnosticMessage='NO_SUCH_ATTRIBUTE: failed for MessageType : COMPARE_REQUEST
    Message ID : 1
    Compare request
    Entry : 'uid=mahesh.joshi,ou=users,o=wipro'
    Attribute description : 'uniqueMember'
    Attribute value : 'cn=Java,ou=groups,o=wipr[email protected]1d9123e1: null')
        at com.unboundid.ldap.sdk.LDAPConnection.compare(LDAPConnection.java:2236)
        at com.LdapServiceImpl.isUserMemberOfGroup(LdapServiceImpl.java:380)
        at com.App.main(App.java:102)
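But when I run the method I get the error shown above in the console. Although I am able to check the existence of the user and of the group individually, checking them in a single query operation is still not possible. Any suggestion in this regard would be a great help.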
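@jim - How is that possible if I used the uniqueMember attribute when creating the users inside the group? Even after I tried your suggestion, the same error persists. My group description is like this - cn - Java and uniqueMember - uid=mahesh.joshi,ou=users,o=wipro – joshi
I don't know. The error message is very clear. Maybe if you could show the group as an LDIF, we might see something. – jwilleke
@Jim - Here is my Java group as it currently is in the LDIF file - dn: cn=Java,ou=groups,o=wipro objectClass: top objectClass: groupOfUniqueNames cn: Java uniqueMember: uid=dinesh.joshi,ou=users,o=wipro uniqueMember: uid=ankit.chouhan,ou=users,o=wipro uniqueMember: uid=mahesh.joshi,ou=users,o=wipro – joshi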
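Added example (not part of the original posts, and not code from the UnboundID or ApacheDS projects): the error output above names the user entry as the compare target, while the LDIF in the last comment shows uniqueMember on the group entry, so this sketch sends the compare to the group DN with the user DN as the assertion value. It also builds both DNs with RDN/DN rather than string concatenation, so a uid or group name containing DN special characters is escaped instead of altering the DN. The class name, the childDN helper and the in-memory sample directory (a stand-in for ApacheDS) are assumptions for illustration.

```java
import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.sdk.CompareRequest;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.RDN;

public class GroupMembershipCheck { // hypothetical class name
    static final String LDAP_BASE_DN = "o=wipro";

    // Hypothetical helper: build a child DN from an untrusted value. RDN escapes
    // DN special characters (for example ',' and '+') in the value.
    static DN childDN(String attr, String value, String parent) throws LDAPException {
        return new DN(new RDN(attr, value), new DN(parent));
    }

    // Compare against the GROUP entry: is the user's DN one of its
    // uniqueMember values? The user entry itself has no uniqueMember attribute.
    static boolean isUserMemberOfGroup(LDAPConnection conn, String uid, String groupName)
            throws LDAPException {
        DN userDN = childDN("uid", uid, "ou=users," + LDAP_BASE_DN);
        DN groupDN = childDN("cn", groupName, "ou=groups," + LDAP_BASE_DN);
        CompareRequest request = new CompareRequest(
                groupDN.toString(), "uniqueMember", userDN.toString());
        return conn.compare(request).compareMatched();
    }

    public static void main(String[] args) throws LDAPException {
        // Constructed sample directory, modelled on the LDIF quoted in the comments.
        InMemoryDirectoryServerConfig cfg = new InMemoryDirectoryServerConfig(LDAP_BASE_DN);
        cfg.setSchema(null); // no schema validation for the sample entries
        InMemoryDirectoryServer ds = new InMemoryDirectoryServer(cfg);
        ds.add("dn: o=wipro", "objectClass: organization", "o: wipro");
        ds.add("dn: ou=groups,o=wipro", "objectClass: organizationalUnit", "ou: groups");
        ds.add("dn: cn=Java,ou=groups,o=wipro", "objectClass: groupOfUniqueNames", "cn: Java",
                "uniqueMember: uid=dinesh.joshi,ou=users,o=wipro",
                "uniqueMember: uid=ankit.chouhan,ou=users,o=wipro",
                "uniqueMember: uid=mahesh.joshi,ou=users,o=wipro");
        ds.startListening();
        try (LDAPConnection conn = ds.getConnection()) {
            System.out.println(isUserMemberOfGroup(conn, "mahesh.joshi", "Java"));
            System.out.println(isUserMemberOfGroup(conn, "x,ou=groups", "Java"));
        } finally {
            ds.shutDown(true);
        }
    }
}
```

The second call passes a uid containing a comma and an equals sign; because the value is escaped inside a single RDN, it is treated as one (non-member) uid rather than as extra DN components.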