茫茫網海中的冷日
Posted by: 冷日 (冷日)
Posted: 2021/8/11 8:14
[Repost] How to call the LDAP protocol from Java
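How to call the LDAP protocol from Java [LdapContext]

Background: I built a system that has to let users log in with the group's user IDs, and the group's user system is built on LDAP.

Key points

1. Set up the connection
    ctx = new InitialLdapContext(env, connCtls);
2. Set the URL and the query sub-path
    env.put(Context.PROVIDER_URL, URL); // LDAP server
    env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);
3. Set the password
    env.put(Context.SECURITY_CREDENTIALS, "password");
4. Read the attributes of the returned result
    if (obj instanceof SearchResult) {
        SearchResult si = (SearchResult) obj;
        Attributes userInfo = si.getAttributes();
        // distinguishedName already holds the full DN, so BASEDN is not appended
        userDN = (String) userInfo.get("distinguishedName").get();
    }
5. No third-party package has to be downloaded; ldapjdk.jar and the like are not needed.

Background knowledge: LDAP is the Lightweight Directory Access Protocol, usually just called LDAP. It is based on the X.500 standard, but it is much simpler and can be customized as needed. Unlike X.500, LDAP supports TCP/IP, which is required for access over the Internet. The core LDAP specifications are defined in RFCs, and all LDAP-related RFCs can be found on the LDAPman RFC page.

The source code follows: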
package com.domain;

import java.util.Hashtable;

import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class UserAuthenticate {
    private String URL = "ldap://localhost:389";
    private String SEARCHDN = "CN=alimailfad,OU=service,DC=hz,DC=ali,DC=com";
    private String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    private String BASEDN = "DC=hz,DC=ali,DC=com";
    private LdapContext ctx = null;
    private Hashtable<String, String> env = null;
    private Control[] connCtls = null;

    // Bind as the search (service) account so that the user's entry can be looked up.
    private void LDAP_connect() {
        env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, URL); // LDAP server
        env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_CREDENTIALS, "password");
        // If no user name and password are specified here, the bind automatically becomes an anonymous login
        try {
            ctx = new InitialLdapContext(env, connCtls);
        } catch (NamingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }

    // Look up the DN of the account whose sAMAccountName equals the given login name.
    private String getUserDN(String email) {
        String userDN = "";
        LDAP_connect();
        try {
            // {0} is filled from the filterArgs array (for example elbert.chenh);
            // JNDI escapes filter metacharacters in a value substituted this way
            String filters = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName={0}))";
            String[] returnedAtts = { "distinguishedName", "userAccountControl", "displayName", "employeeID" };
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            if (returnedAtts != null && returnedAtts.length > 0) {
                constraints.setReturningAttributes(returnedAtts);
            }
            NamingEnumeration<SearchResult> en = ctx.search(BASEDN, filters, new Object[] { email }, constraints);
            if (en == null) {
                System.out.println("Have no NamingEnumeration.");
            } else if (!en.hasMoreElements()) {
                System.out.println("Have no element.");
            } else {
                while (en.hasMoreElements()) {
                    Object obj = en.nextElement();
                    if (obj instanceof SearchResult) {
                        SearchResult si = (SearchResult) obj;
                        Attributes userInfo = si.getAttributes();
                        // distinguishedName already holds the full DN, so BASEDN is not appended
                        Attribute dn = userInfo.get("distinguishedName");
                        if (dn != null) {
                            userDN = (String) dn.get();
                        }
                    } else {
                        System.out.println(obj.toString());
                    }
                    System.out.println(userDN);
                }
            }
        } catch (Exception e) {
            System.out.println("Exception in search():" + e);
        }
        return userDN;
    }

    // Verify the password by re-binding the connection as the user's own DN.
    public boolean authenticate(String ID, String password) {
        boolean valid = false;
        String userDN = getUserDN(ID);
        // With an empty DN or password the bind below would be an anonymous login
        // (see LDAP_connect), not a password check, so refuse it here
        if (ctx == null || userDN.isEmpty() || password == null || password.isEmpty()) {
            System.out.println(ID + " is not authenticated");
            return false;
        }
        try {
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(connCtls);
            System.out.println(userDN + " is authenticated");
            valid = true;
        } catch (AuthenticationException e) {
            System.out.println(userDN + " is not authenticated");
            System.out.println(e.toString());
            valid = false;
        } catch (NamingException e) {
            System.out.println(userDN + " is not authenticated");
            valid = false;
        }
        return valid;
    }
}
Original source: java如何呼叫ldap協議【LdapContext】 - IT閱讀
Reference: javax.naming.ldap (Java Platform SE 7)