背景：

做了個系統需要用集團的用戶id登錄。而集團用戶系統是用ldap做的。

關鍵知識點

1. 設置連接

ctx = new InitialLdapContext(env, connCtls);

2.設置url和查詢的子路徑

env.put(Context.PROVIDER_URL, URL);// LDAP server

env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);

3. 設置密碼

env.put(Context.SECURITY_CREDENTIALS, "password");

4.取得返回值屬性

if (obj instanceof SearchResult) {

SearchResult si = (SearchResult) obj;

Attributes userInfo = si.getAttributes();

userDN += userInfo.toString();

userDN += "," + BASEDN;

}

5.不需要下載任何第三方辦，什么ldapjdk.jar不用的

背景知識：

LDAP是輕量目錄訪問協議，英文全稱是Lightweight Directory Access Protocol，一般都簡稱為LDAP。它是基于X.500標準的，但是簡單多了并且可以根據需要定制。與X.500不同，LDAP支持TCP/IP，這對訪問Internet是必須的。LDAP的核心規范在RFC中都有定義，所有與LDAP相關的RFC都可以在LDAPman RFC網頁中找到

附源碼如下:

package com.domain;

import java.util.Hashtable;

import javax.naming.AuthenticationException;

import javax.naming.Context;

import javax.naming.NamingEnumeration;

import javax.naming.NamingException;

import javax.naming.directory.Attributes;

import javax.naming.directory.SearchControls;

import javax.naming.directory.SearchResult;

import javax.naming.ldap.Control;

import javax.naming.ldap.InitialLdapContext;

import javax.naming.ldap.LdapContext;

public class UserAuthenticate {

private String URL = "ldap://localhost:389";

private String SEARCHDN = "CN=alimailfad,OU=service,DC=hz,DC=ali,DC=com";

private String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";

private String BASEDN = "DC=hz,DC=ali,DC=com";

private LdapContext ctx = null;

private Hashtable env = null;

private Control[] connCtls = null;

private void LDAP_connect() {

env = new Hashtable();

env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);

env.put(Context.PROVIDER_URL, URL);// LDAP server

env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);

env.put(Context.SECURITY_AUTHENTICATION, "simple");

env.put(Context.SECURITY_CREDENTIALS, "password");

// 此處若不指定用戶名和密碼,則自動轉換為匿名登錄

try {

ctx = new InitialLdapContext(env, connCtls);

} catch (NamingException e) {

// TODO Auto-generated catch block

e.printStackTrace();

}

}

private String getUserDN(String email) {

String userDN = "";

LDAP_connect();

try {

String filters = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=elbert.chenh))";

String[] returnedAtts = { "distinguishedName",

"userAccountControl", "displayName", "employeeID" };

SearchControls constraints = new SearchControls();

constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);

if (returnedAtts != null && returnedAtts.length > 0) {

constraints.setReturningAttributes(returnedAtts);

}

NamingEnumeration en = ctx.search(BASEDN, filters, constraints);

if (en == null) {

System.out.println("Have no NamingEnumeration.");

}

if (!en.hasMoreElements()) {

System.out.println("Have no element.");

} else {

while (en != null && en.hasMoreElements()) {

Object obj = en.nextElement();

if (obj instanceof SearchResult) {

SearchResult si = (SearchResult) obj;

Attributes userInfo = si.getAttributes();

userDN += userInfo.toString();

userDN += "," + BASEDN;

} else {

System.out.println(obj.toString());

}

System.out.println(userDN);

}

}

} catch (Exception e) {

System.out.println("Exception in search():" + e);

}

return userDN;

}

public boolean authenricate(String ID, String password) {

boolean valide = false;

String userDN = getUserDN(ID);

try {

ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);

ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);

ctx.reconnect(connCtls);

System.out.println(userDN + " is authenticated");

valide = true;

} catch (AuthenticationException e) {

System.out.println(userDN + " is not authenticated");

System.out.println(e.toString());

valide = false;

} catch (NamingException e) {

System.out.println(userDN + " is not authenticated");

valide = false;

}

return valide;

}

}

總結

以上是生活随笔為你收集整理的ldap协议 java_java如何调用ldap协议【LdapContext】的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。