mirror of https://github.com/abpframework/abp
				
				
				
			Merge pull request #4984 from abpframework/maliming/ldap
	
		
	
				
					
				
			Make Volo.Abp.Ldap support multi-tenancy.pull/5011/head
						commit
						7a94bc42ae
					
				| @ -0,0 +1,44 @@ | ||||
| using Volo.Abp.Ldap.Localization; | ||||
| using Volo.Abp.Localization; | ||||
| using Volo.Abp.Settings; | ||||
| 
 | ||||
| namespace Volo.Abp.Ldap | ||||
| { | ||||
|     public class LdapSettingProvider : SettingDefinitionProvider | ||||
|     { | ||||
|         public override void Define(ISettingDefinitionContext context) | ||||
|         { | ||||
|             context.Add( | ||||
|                 new SettingDefinition( | ||||
|                     LdapSettingNames.ServerHost, | ||||
|                     "", | ||||
|                     L("DisplayName:Abp.Ldap.ServerHost"), | ||||
|                     L("Description:Abp.Ldap.ServerHost")), | ||||
| 
 | ||||
|                 new SettingDefinition( | ||||
|                     LdapSettingNames.ServerPort, | ||||
|                     "389", | ||||
|                     L("DisplayName:Abp.Ldap.ServerPort"), | ||||
|                     L("Description:Abp.Ldap.ServerPort")), | ||||
| 
 | ||||
|                 new SettingDefinition( | ||||
|                     LdapSettingNames.UserName, | ||||
|                     "", | ||||
|                     L("DisplayName:Abp.Ldap.UserName"), | ||||
|                     L("Description:Abp.Ldap.UserName")), | ||||
| 
 | ||||
|                 new SettingDefinition( | ||||
|                     LdapSettingNames.Password, | ||||
|                     "", | ||||
|                     L("DisplayName:Abp.Ldap.Password"), | ||||
|                     L("Description:Abp.Ldap.Password"), | ||||
|                     isEncrypted: true) | ||||
|             ); | ||||
|         } | ||||
| 
 | ||||
|         private static LocalizableString L(string name) | ||||
|         { | ||||
|             return LocalizableString.Create<LdapResource>(name); | ||||
|         } | ||||
|     } | ||||
| } | ||||
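Review bot: None of the four definitions in `Define` covers transport security, and `LdapSettingNames.ServerPort` defaults to `"389"`, the cleartext LDAP port, while the README removed in this same commit documented a `UseSsl` option alongside port 636. If the connection code (not shown on this page) binds with `UserName`/`Password` over that default, the bind credentials would cross the network unencrypted; `isEncrypted: true` on the password definition covers the stored value, not the wire. I would add a fifth setting for LDAPS/StartTLS with matching keys in both localization files, and in the meantime put a comment above the port definition such as `// 389 = cleartext LDAP; use 636 (LDAPS) or StartTLS so bind credentials are not sent in the clear`. If tenants can override these values, as the commit title suggests, a doc comment on `Define` should also state whether a tenant is allowed to point `ServerHost` at an arbitrary host.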
| @ -0,0 +1,16 @@ | ||||
| { | ||||
|   "culture": "en", | ||||
|   "texts": { | ||||
|     "DisplayName:Abp.Ldap.ServerHost": "Server host", | ||||
|     "Description:Abp.Ldap.ServerHost": "Server host", | ||||
| 
 | ||||
|     "DisplayName:Abp.Ldap.ServerPort": "Server port", | ||||
|     "Description:Abp.Ldap.ServerPort": "Server port", | ||||
| 
 | ||||
|     "DisplayName:Abp.Ldap.UserName": "Username", | ||||
|     "Description:Abp.Ldap.UserName": "Username", | ||||
| 
 | ||||
|     "DisplayName:Abp.Ldap.Password": "Password", | ||||
|     "Description:Abp.Ldap.Password": "Password" | ||||
|   } | ||||
| } | ||||
| @ -0,0 +1,13 @@ | ||||
| { | ||||
|   "culture": "zh-Hans", | ||||
|   "texts": { | ||||
|     "DisplayName:Abp.Ldap.ServerHost": "服务器主机", | ||||
|     "Description:Abp.Ldap.ServerHost": "服务器主机", | ||||
|     "DisplayName:Abp.Ldap.ServerPort": "服务器端口", | ||||
|     "Description:Abp.Ldap.ServerPort": "服务器端口", | ||||
|     "DisplayName:Abp.Ldap.UserName": "用户名", | ||||
|     "Description:Abp.Ldap.UserName": "用户名", | ||||
|     "DisplayName:Abp.Ldap.Password": "密码", | ||||
|     "Description:Abp.Ldap.Password": "密码" | ||||
|   } | ||||
| } | ||||
| @ -1,171 +0,0 @@ | ||||
| # Volo.Abp.Ldap | ||||
| 
 | ||||
| # Only Authenticate(not read/write AD) | ||||
| 
 | ||||
| ## Configure | ||||
| 
 | ||||
| add section in `appsettings.json` | ||||
| 
 | ||||
| ### use SSL | ||||
| 
 | ||||
| ```json | ||||
| "LDAP": { | ||||
|     "ServerHost": "192.168.101.54",  | ||||
|     "ServerPort": 636, | ||||
|     "UseSsl": true | ||||
| } | ||||
| ``` | ||||
| 
 | ||||
| ### not use SSL | ||||
| 
 | ||||
| ```json | ||||
| "LDAP": { | ||||
|     "ServerHost": "192.168.101.54",  | ||||
|     "ServerPort": 389, | ||||
|     "UseSsl": false | ||||
| } | ||||
| ``` | ||||
| 
 | ||||
| ## Authenticate | ||||
| 
 | ||||
|  Injecting `ILdapManager` into a class. For example: | ||||
| 
 | ||||
| ```csharp | ||||
| public class TaxAppService : ApplicationService | ||||
| { | ||||
|     private readonly ILdapManager _ldapManager; | ||||
| 
 | ||||
|     public TaxAppService(ILdapManager ldapManager) | ||||
|     { | ||||
|         _ldapManager = ldapManager; | ||||
|     } | ||||
| 
 | ||||
|     public void Authenticate(string userName, string password) | ||||
|     {  | ||||
|         var result = _ldapManager.Authenticate(userName, password); | ||||
|     } | ||||
| } | ||||
| ``` | ||||
| 
 | ||||
| - `userName` must be full domain name. E.g abc@abc.com  | ||||
| 
 | ||||
| # Read/Write AD | ||||
| 
 | ||||
| ## Configure | ||||
| 
 | ||||
| ### use SSL | ||||
| 
 | ||||
| ```json | ||||
| "LDAP": { | ||||
|     "ServerHost": "192.168.101.54", | ||||
|     "ServerPort": 636, | ||||
|     "UseSsl": true, | ||||
|     "Credentials": { | ||||
|         "DomainUserName": "administrator@yourdomain.com.cn", | ||||
|         "Password": "yH.20190528" | ||||
|     }, | ||||
|     "SearchBase": "DC=yourdomain,DC=com,DC=cn", | ||||
|     "DomainName": "yourdomain.com.cn", | ||||
|     "DomainDistinguishedName": "DC=yourdomain,DC=com,DC=cn" | ||||
| } | ||||
| ``` | ||||
| 
 | ||||
| ### not use SSL | ||||
| 
 | ||||
| ```json | ||||
| "LDAP": { | ||||
|     "ServerHost": "192.168.101.54", | ||||
|     "ServerPort": 389, | ||||
|     "UseSsl": false, | ||||
|     "Credentials": { | ||||
|         "DomainUserName": "administrator@yourdomain.com.cn", | ||||
|         "Password": "yH.20190528" | ||||
|     }, | ||||
|     "SearchBase": "DC=yourdomain,DC=com,DC=cn", | ||||
|     "DomainName": "yourdomain.com.cn", | ||||
|     "DomainDistinguishedName": "DC=yourdomain,DC=com,DC=cn" | ||||
| } | ||||
| ``` | ||||
| 
 | ||||
| - `Credentials:DomainUserName` a administrator of AD. | ||||
| 
 | ||||
| - `Credentials:Password` the password for the administrator. | ||||
| - `SearchBase`:  where search from AD. | ||||
| - `DomainName`: name of you domain. no need `www`. | ||||
| - `DomainDistinguishedName`: distinguished name of root domain. | ||||
| 
 | ||||
| ## Query Organizations | ||||
| 
 | ||||
| ```cs | ||||
| // query all organizations | ||||
| // filter: (&(objectClass=organizationalUnit))  | ||||
| _ldapManager.GetOrganizations(); | ||||
| 
 | ||||
| // query organizations by name | ||||
| // filter: (&(name=abc)(objectClass=organizationalUnit)) | ||||
| _ldapManager.GetOrganizations("abc"); | ||||
| 
 | ||||
| ``` | ||||
| 
 | ||||
| ## Query Organization | ||||
| 
 | ||||
| ```csharp | ||||
| // query organization by distinguished name | ||||
| // filter: (&(distinguishedName=abc)(objectClass=organizationalUnit)) | ||||
| _ldapManager.GetOrganization("abc"); | ||||
| 
 | ||||
| ``` | ||||
| 
 | ||||
| ## Add Organization | ||||
| 
 | ||||
| ```csharp | ||||
| // use LdapOrganization | ||||
| _ldapManager.AddSubOrganization("nameA", parentOrganization); | ||||
| 
 | ||||
| // or use OrganizationDistinguishedName | ||||
| _ldapManager.AddSubOrganization("nameA", "OU=Domain Controllers,DC=yourdomain,DC=com,DC=cn"); | ||||
| ``` | ||||
| 
 | ||||
| ## Query Users | ||||
| 
 | ||||
| ```cs | ||||
| // query all users | ||||
| // filter: (&(objectCategory=person)(objectClass=user)) | ||||
| _ldapManager.GetUsers(); | ||||
| 
 | ||||
| // query organizations by name | ||||
| // filter: (&(name=abc)(objectCategory=person)(objectClass=user)) | ||||
| _ldapManager.GetUsers(name : "abc"); | ||||
| 
 | ||||
| // query organizations by displayName | ||||
| // filter: (&(displayName=abc)(objectCategory=person)(objectClass=user)) | ||||
| _ldapManager.GetUsers(displayName : "abc"); | ||||
| 
 | ||||
| // query organization by commonName | ||||
| // filter: (&(cn=abc)(objectCategory=person)(objectClass=user)) | ||||
| _ldapManager.GetUsers(commonName : "abc"); | ||||
| 
 | ||||
| ``` | ||||
| 
 | ||||
| ## Query User | ||||
| 
 | ||||
| ```csharp | ||||
| // query a user by distinguished name | ||||
| // filter: (&(distinguishedName=abc)(objectCategory=person)(objectClass=user)) | ||||
| _ldapManager.GetUser("abc"); | ||||
| 
 | ||||
| ``` | ||||
| 
 | ||||
| ## Add User | ||||
| 
 | ||||
| ```csharp | ||||
| // use LdapOrganization | ||||
| _ldapManager.AddUserToOrganization("nameA", "passwordA", parentOrganization); | ||||
| 
 | ||||
| // or use OrganizationDistinguishedName | ||||
| _ldapManager.AddUserToOrganization("nameA", "passwordA", "OU=Domain Controllers,DC=yourdomain,DC=com,DC=cn"); | ||||
| ``` | ||||
| 
 | ||||
| # More | ||||
| 
 | ||||
| See [unit test](../../test/Volo.Abp.Ldap.Tests) | ||||
	
	 Halil İbrahim Kalkan
						Halil İbrahim Kalkan