2023年6月21日发(作者:)
java如何调用ldap协议【LdapContext】
背景:做了个系统需要用集团的用户id登录,而集团用户系统是用ldap做的。
关键知识点
1. 设置连接 ctx = new InitialLdapContext(env, connCtls);
2. 设置url和查询的子路径 env.put(Context.PROVIDER_URL, URL);// LDAP server
env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);
3. 设置密码 env.put(Context.SECURITY_CREDENTIALS, "password");
4. 取得返回值属性
if (obj instanceof SearchResult) {
SearchResult si = (SearchResult) obj;
Attributes userInfo = ributes();
userDN += ng();
userDN += "," + BASEDN;
}
5. 不需要下载任何第三方包,什么都不用。
背景知识:LDAP是轻量目录访问协议,英文全称是Lightweight Directory Access Protocol,一般都简称为LDAP。它是基于X.500标准的,但是简单多了并且可以根据需要定制。与X.500不同,LDAP支持TCP/IP,这对访问Internet是必须的。LDAP的核心规范在RFC中都有定义,所有与LDAP相关的RFC都可以在LDAPman RFC网页中找到。
附源码如下:
package ;
import java.util.Hashtable;

import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
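/**
 * Authenticates a user against an LDAP directory with the JDK's built-in JNDI LDAP provider.
 *
 * <p>The flow is "search, then bind": a service account looks up the user's entry by
 * {@code sAMAccountName}, then the same connection is re-bound with the user's DN and the
 * supplied password. A successful re-bind is treated as a successful login.
 *
 * <p>Review notes on the listing as published:
 * <ul>
 *   <li>Identifiers that the page extraction truncated (for example the {@code env.put(...)}
 *       calls and the context-factory class name) are restored to the standard JNDI names.</li>
 *   <li>The published search filter had an empty {@code sAMAccountName} value and never used the
 *       method argument; the filter now takes the login id as a JNDI filter argument so that
 *       filter metacharacters are escaped instead of being concatenated into the filter.</li>
 *   <li>An empty password or an empty DN turns a simple bind into an unauthenticated or
 *       anonymous bind (RFC 4513, sections 5.1.1 and 5.1.2), which many servers accept. Both are
 *       now rejected before any bind, so an unknown user or a blank password cannot log in.</li>
 *   <li>The context is closed after every attempt, and a failed connection fails closed
 *       instead of ending in a {@code NullPointerException}.</li>
 * </ul>
 *
 * <p>Instances keep the connection in a field and are not safe for concurrent use.
 */
public class UserAuthenticate {
    // NOTE(review): ldap:// on port 389 is cleartext, and a "simple" bind sends the DN and the
    // password unencrypted. Outside a loopback demo, use ldaps:// or StartTLS and validate the
    // server certificate.
    private String URL = "ldap://localhost:389";
    // Service account used only to look up the user's DN; give it read-only, least-privilege access.
    private String SEARCHDN = "CN=alimailfad,OU=service,DC=hz,DC=ali,DC=com";
    // JNDI LDAP provider that ships with the JDK (no third-party library required).
    private String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    private String BASEDN = "DC=hz,DC=ali,DC=com";
    private LdapContext ctx = null;
    private Hashtable<String, Object> env = null;
    private Control[] connCtls = null;

    /**
     * Opens the service-account connection and stores it in {@code ctx}.
     * On failure {@code ctx} is left {@code null} so that callers can fail closed.
     */
    private void LDAP_connect() {
        closeContext();
        env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, URL); // LDAP server
        env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        // NOTE(review): the literal below is the article's placeholder. A real service-account
        // secret belongs in protected configuration or a secrets store, never in source code.
        env.put(Context.SECURITY_CREDENTIALS, "password");
        // If no user name and password are set here, the connection automatically falls back
        // to an anonymous login.
        try {
            ctx = new InitialLdapContext(env, connCtls);
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }

    /** Closes the current context, if any; close errors are ignored as best-effort cleanup. */
    private void closeContext() {
        if (ctx == null) {
            return;
        }
        try {
            ctx.close();
        } catch (NamingException ignored) {
            // Nothing useful can be done if closing fails; the reference is dropped below.
        }
        ctx = null;
    }

    /**
     * Looks up the distinguished name of the account whose {@code sAMAccountName} equals
     * {@code email}.
     *
     * @param email login id to search for (the parameter name is the original author's)
     * @return the entry's full DN, or an empty string when the lookup fails, finds nothing,
     *         or finds more than one entry
     */
    private String getUserDN(String email) {
        String userDN = "";
        if (email == null || email.isEmpty()) {
            return userDN;
        }
        LDAP_connect();
        if (ctx == null) {
            return userDN;
        }
        NamingEnumeration<SearchResult> en = null;
        try {
            // {0} is filled in by JNDI from the argument array, which escapes filter
            // metacharacters; never build the filter by string concatenation.
            String filters = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName={0}))";
            String[] returnedAtts = { "distinguishedName",
                    "userAccountControl", "displayName", "employeeID" };
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            constraints.setReturningAttributes(returnedAtts);
            en = ctx.search(BASEDN, filters, new Object[] { email }, constraints);
            if (en == null) {
                System.out.println("Have no NamingEnumeration.");
                return userDN;
            }
            int matches = 0;
            while (en.hasMoreElements()) {
                SearchResult si = en.nextElement();
                matches++;
                if (matches == 1) {
                    // Full DN as reported by the server, rather than a name glued to BASEDN.
                    userDN = si.getNameInNamespace();
                }
            }
            if (matches == 0) {
                System.out.println("Have no element.");
            } else if (matches > 1) {
                // An ambiguous match must not authenticate anyone.
                userDN = "";
            } else {
                System.out.println(userDN);
            }
        } catch (NamingException e) {
            System.out.println("Exception in search():" + e);
            userDN = "";
        } finally {
            if (en != null) {
                try {
                    en.close();
                } catch (NamingException ignored) {
                    // Best-effort cleanup of the search result.
                }
            }
        }
        return userDN;
    }

    /**
     * Verifies a login by re-binding the connection as the user.
     *
     * @param ID login id, matched against {@code sAMAccountName}
     * @param password the user's password
     * @return {@code true} only when the directory accepts a bind with the user's DN and a
     *         non-empty password; {@code false} for blank input, an unknown or ambiguous user,
     *         a connection failure, or rejected credentials
     */
    public boolean authenricate(String ID, String password) {
        // Checked before any network call: a bind with an empty password is not a credential
        // check (RFC 4513 section 5.1.2) and must never count as a login.
        if (ID == null || ID.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        boolean valide = false;
        String userDN = getUserDN(ID);
        try {
            if (userDN.isEmpty() || ctx == null) {
                // Unknown user or no connection: binding with an empty DN would be anonymous.
                return false;
            }
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(connCtls);
            System.out.println(userDN + " is authenticated");
            valide = true;
        } catch (AuthenticationException e) {
            System.out.println(userDN + " is not authenticated");
            System.out.println(e.toString());
            valide = false;
        } catch (NamingException e) {
            System.out.println(userDN + " is not authenticated");
            valide = false;
        } finally {
            closeContext();
        }
        return valide;
    }
}
// Source attribution (from the page): 本⽂转⾃elbertchen 51CTO博客,原⽂链接:/linkyou/751932,如需转载请⾃⾏联系原作者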
2023年6月21日发(作者:)
java如何调用ldap协议【LdapContext】
背景:做了个系统需要用集团的用户id登录,而集团用户系统是用ldap做的。
关键知识点
1. 设置连接 ctx = new InitialLdapContext(env, connCtls);
2. 设置url和查询的子路径 env.put(Context.PROVIDER_URL, URL);// LDAP server
env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);
3. 设置密码 env.put(Context.SECURITY_CREDENTIALS, "password");
4. 取得返回值属性
if (obj instanceof SearchResult) {
SearchResult si = (SearchResult) obj;
Attributes userInfo = ributes();
userDN += ng();
userDN += "," + BASEDN;
}
5. 不需要下载任何第三方包,什么都不用。
背景知识:LDAP是轻量目录访问协议,英文全称是Lightweight Directory Access Protocol,一般都简称为LDAP。它是基于X.500标准的,但是简单多了并且可以根据需要定制。与X.500不同,LDAP支持TCP/IP,这对访问Internet是必须的。LDAP的核心规范在RFC中都有定义,所有与LDAP相关的RFC都可以在LDAPman RFC网页中找到。
附源码如下:
package ;
import ble;
import ticationException;
import t;
import Enumeration;
import Exception;
import utes;
import Controls;
import Result;
import l;
import lLdapContext;
import ntext;
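/**
 * Authenticates a user against an LDAP directory with the JDK's built-in JNDI LDAP provider.
 *
 * <p>The flow is "search, then bind": a service account looks up the user's entry by
 * {@code sAMAccountName}, then the same connection is re-bound with the user's DN and the
 * supplied password. A successful re-bind is treated as a successful login.
 *
 * <p>Review notes on the listing as published:
 * <ul>
 *   <li>Identifiers that the page extraction truncated (for example the {@code env.put(...)}
 *       calls and the context-factory class name) are restored to the standard JNDI names.</li>
 *   <li>The published search filter had an empty {@code sAMAccountName} value and never used the
 *       method argument; the filter now takes the login id as a JNDI filter argument so that
 *       filter metacharacters are escaped instead of being concatenated into the filter.</li>
 *   <li>An empty password or an empty DN turns a simple bind into an unauthenticated or
 *       anonymous bind (RFC 4513, sections 5.1.1 and 5.1.2), which many servers accept. Both are
 *       now rejected before any bind, so an unknown user or a blank password cannot log in.</li>
 *   <li>The context is closed after every attempt, and a failed connection fails closed
 *       instead of ending in a {@code NullPointerException}.</li>
 * </ul>
 *
 * <p>Instances keep the connection in a field and are not safe for concurrent use.
 */
public class UserAuthenticate {
    // NOTE(review): ldap:// on port 389 is cleartext, and a "simple" bind sends the DN and the
    // password unencrypted. Outside a loopback demo, use ldaps:// or StartTLS and validate the
    // server certificate.
    private String URL = "ldap://localhost:389";
    // Service account used only to look up the user's DN; give it read-only, least-privilege access.
    private String SEARCHDN = "CN=alimailfad,OU=service,DC=hz,DC=ali,DC=com";
    // JNDI LDAP provider that ships with the JDK (no third-party library required).
    private String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    private String BASEDN = "DC=hz,DC=ali,DC=com";
    private LdapContext ctx = null;
    private Hashtable<String, Object> env = null;
    private Control[] connCtls = null;

    /**
     * Opens the service-account connection and stores it in {@code ctx}.
     * On failure {@code ctx} is left {@code null} so that callers can fail closed.
     */
    private void LDAP_connect() {
        closeContext();
        env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, URL); // LDAP server
        env.put(Context.SECURITY_PRINCIPAL, SEARCHDN);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        // NOTE(review): the literal below is the article's placeholder. A real service-account
        // secret belongs in protected configuration or a secrets store, never in source code.
        env.put(Context.SECURITY_CREDENTIALS, "password");
        // If no user name and password are set here, the connection automatically falls back
        // to an anonymous login.
        try {
            ctx = new InitialLdapContext(env, connCtls);
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }

    /** Closes the current context, if any; close errors are ignored as best-effort cleanup. */
    private void closeContext() {
        if (ctx == null) {
            return;
        }
        try {
            ctx.close();
        } catch (NamingException ignored) {
            // Nothing useful can be done if closing fails; the reference is dropped below.
        }
        ctx = null;
    }

    /**
     * Looks up the distinguished name of the account whose {@code sAMAccountName} equals
     * {@code email}.
     *
     * @param email login id to search for (the parameter name is the original author's)
     * @return the entry's full DN, or an empty string when the lookup fails, finds nothing,
     *         or finds more than one entry
     */
    private String getUserDN(String email) {
        String userDN = "";
        if (email == null || email.isEmpty()) {
            return userDN;
        }
        LDAP_connect();
        if (ctx == null) {
            return userDN;
        }
        NamingEnumeration<SearchResult> en = null;
        try {
            // {0} is filled in by JNDI from the argument array, which escapes filter
            // metacharacters; never build the filter by string concatenation.
            String filters = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName={0}))";
            String[] returnedAtts = { "distinguishedName",
                    "userAccountControl", "displayName", "employeeID" };
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            constraints.setReturningAttributes(returnedAtts);
            en = ctx.search(BASEDN, filters, new Object[] { email }, constraints);
            if (en == null) {
                System.out.println("Have no NamingEnumeration.");
                return userDN;
            }
            int matches = 0;
            while (en.hasMoreElements()) {
                SearchResult si = en.nextElement();
                matches++;
                if (matches == 1) {
                    // Full DN as reported by the server, rather than a name glued to BASEDN.
                    userDN = si.getNameInNamespace();
                }
            }
            if (matches == 0) {
                System.out.println("Have no element.");
            } else if (matches > 1) {
                // An ambiguous match must not authenticate anyone.
                userDN = "";
            } else {
                System.out.println(userDN);
            }
        } catch (NamingException e) {
            System.out.println("Exception in search():" + e);
            userDN = "";
        } finally {
            if (en != null) {
                try {
                    en.close();
                } catch (NamingException ignored) {
                    // Best-effort cleanup of the search result.
                }
            }
        }
        return userDN;
    }

    /**
     * Verifies a login by re-binding the connection as the user.
     *
     * @param ID login id, matched against {@code sAMAccountName}
     * @param password the user's password
     * @return {@code true} only when the directory accepts a bind with the user's DN and a
     *         non-empty password; {@code false} for blank input, an unknown or ambiguous user,
     *         a connection failure, or rejected credentials
     */
    public boolean authenricate(String ID, String password) {
        // Checked before any network call: a bind with an empty password is not a credential
        // check (RFC 4513 section 5.1.2) and must never count as a login.
        if (ID == null || ID.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        boolean valide = false;
        String userDN = getUserDN(ID);
        try {
            if (userDN.isEmpty() || ctx == null) {
                // Unknown user or no connection: binding with an empty DN would be anonymous.
                return false;
            }
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(connCtls);
            System.out.println(userDN + " is authenticated");
            valide = true;
        } catch (AuthenticationException e) {
            System.out.println(userDN + " is not authenticated");
            System.out.println(e.toString());
            valide = false;
        } catch (NamingException e) {
            System.out.println(userDN + " is not authenticated");
            valide = false;
        } finally {
            closeContext();
        }
        return valide;
    }
}
// Source attribution (from the page): 本⽂转⾃elbertchen 51CTO博客,原⽂链接:/linkyou/751932,如需转载请⾃⾏联系原作者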