ldap协议 java_java如何调用ldap协议【LdapContext】
背景:
做了個(gè)系統(tǒng)需要用集團(tuán)的用戶id登錄。而集團(tuán)用戶系統(tǒng)是用ldap做的。
關(guān)鍵知識點(diǎn)
1. 設(shè)置連接
ctx = new InitialLdapContext(env, connCtls);
2.設(shè)置url和查詢的子路徑
env.put(Context.PROVIDER_URL, URL);// LDAP server
env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);
3. 設(shè)置密碼
env.put(Context.SECURITY_CREDENTIALS, "password");
4.取得返回值屬性
if (obj instanceof SearchResult) {
SearchResult si = (SearchResult) obj;
Attributes userInfo = si.getAttributes();
userDN += userInfo.toString();
userDN += "," + BASEDN;
}
5.不需要下載任何第三方辦,什么ldapjdk.jar不用的
背景知識:
LDAP是輕量目錄訪問協(xié)議,英文全稱是Lightweight Directory Access Protocol,一般都簡稱為LDAP。它是基于X.500標(biāo)準(zhǔn)的,但是簡單多了并且可以根據(jù)需要定制。與X.500不同,LDAP支持TCP/IP,這對訪問Internet是必須的。LDAP的核心規(guī)范在RFC中都有定義,所有與LDAP相關(guān)的RFC都可以在LDAPman RFC網(wǎng)頁中找到
附源碼如下:
package com.domain;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
public class UserAuthenticate {
private String URL = "ldap://localhost:389";
private String SEARCHDN = "CN=alimailfad,OU=service,DC=hz,DC=ali,DC=com";
private String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
private String BASEDN = "DC=hz,DC=ali,DC=com";
private LdapContext ctx = null;
private Hashtable env = null;
private Control[] connCtls = null;
private void LDAP_connect() {
env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
env.put(Context.PROVIDER_URL, URL);// LDAP server
env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_CREDENTIALS, "password");
// 此處若不指定用戶名和密碼,則自動轉(zhuǎn)換為匿名登錄
try {
ctx = new InitialLdapContext(env, connCtls);
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
private String getUserDN(String email) {
String userDN = "";
LDAP_connect();
try {
String filters = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=elbert.chenh))";
String[] returnedAtts = { "distinguishedName",
"userAccountControl", "displayName", "employeeID" };
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
if (returnedAtts != null && returnedAtts.length > 0) {
constraints.setReturningAttributes(returnedAtts);
}
NamingEnumeration en = ctx.search(BASEDN, filters, constraints);
if (en == null) {
System.out.println("Have no NamingEnumeration.");
}
if (!en.hasMoreElements()) {
System.out.println("Have no element.");
} else {
while (en != null && en.hasMoreElements()) {
Object obj = en.nextElement();
if (obj instanceof SearchResult) {
SearchResult si = (SearchResult) obj;
Attributes userInfo = si.getAttributes();
userDN += userInfo.toString();
userDN += "," + BASEDN;
} else {
System.out.println(obj.toString());
}
System.out.println(userDN);
}
}
} catch (Exception e) {
System.out.println("Exception in search():" + e);
}
return userDN;
}
public boolean authenricate(String ID, String password) {
boolean valide = false;
String userDN = getUserDN(ID);
try {
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
ctx.reconnect(connCtls);
System.out.println(userDN + " is authenticated");
valide = true;
} catch (AuthenticationException e) {
System.out.println(userDN + " is not authenticated");
System.out.println(e.toString());
valide = false;
} catch (NamingException e) {
System.out.println(userDN + " is not authenticated");
valide = false;
}
return valide;
}
}
總結(jié)
以上是生活随笔為你收集整理的ldap协议 java_java如何调用ldap协议【LdapContext】的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Oracle 数据怎么实时同步到 MyS
- 下一篇: npm install packagen