Created
June 11, 2012 12:20
-
-
Save jbarber/2909828 to your computer and use it in GitHub Desktop.
LDAP example for searching and simple binding (authentication)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* First create the keystore (to allow SSL protection) by importing the LDAP | |
* certificate (cert.pem) with: | |
* keytool -import -keystore keystore -storepass changeit -noprompt -file cert.pem | |
* | |
* You can get the certificate with OpenSSL: | |
* openssl s_client -connect ldap.server.com:636 </dev/null 2>/dev/null | sed -n '/^-----BEGIN/,/^-----END/ { p }' > cert.pem | |
* | |
* Then compile this class with: | |
* javac LdapAuth.java | |
* | |
* Finally execute it with: | |
* java -Djavax.net.ssl.trustStore=keystore -Djavax.net.ssl.keyStorePassword=changeit LdapAuth <username> <password> | |
*/ | |
import java.util.*; | |
import javax.naming.*; | |
import java.util.regex.*; | |
import javax.naming.directory.*; | |
public class LdapAuth { | |
private final static String ldapURI = "ldaps://ldap.server.com/dc=ldap,dc=server,dc=com"; | |
private final static String contextFactory = "com.sun.jndi.ldap.LdapCtxFactory"; | |
private static DirContext ldapContext () throws Exception { | |
Hashtable<String,String> env = new Hashtable <String,String>(); | |
return ldapContext(env); | |
} | |
private static DirContext ldapContext (Hashtable <String,String>env) throws Exception { | |
env.put(Context.INITIAL_CONTEXT_FACTORY, contextFactory); | |
env.put(Context.PROVIDER_URL, ldapURI); | |
DirContext ctx = new InitialDirContext(env); | |
return ctx; | |
} | |
private static String getUid (String user) throws Exception { | |
DirContext ctx = ldapContext(); | |
String filter = "(uid=" + user + ")"; | |
SearchControls ctrl = new SearchControls(); | |
ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE); | |
NamingEnumeration answer = ctx.search("", filter, ctrl); | |
String dn; | |
if (answer.hasMore()) { | |
SearchResult result = (SearchResult) answer.next(); | |
dn = result.getNameInNamespace(); | |
} | |
else { | |
dn = null; | |
} | |
answer.close(); | |
return dn; | |
} | |
private static boolean testBind (String dn, String password) throws Exception { | |
Hashtable<String,String> env = new Hashtable <String,String>(); | |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); | |
env.put(Context.SECURITY_PRINCIPAL, dn); | |
env.put(Context.SECURITY_CREDENTIALS, password); | |
try { | |
ldapContext(env); | |
} | |
catch (javax.naming.AuthenticationException e) { | |
return false; | |
} | |
return true; | |
} | |
public static void main(String args[]) throws Exception { | |
if (args.length != 2) { | |
System.out.println( "missing requried username and password" ); | |
System.exit(1); | |
} | |
String user = args[0]; | |
String password = args[1]; | |
String dn = getUid( user ); | |
if (dn != null) { | |
/* Found user - test password */ | |
if ( testBind( dn, password ) ) { | |
System.out.println( "user '" + user + "' authentication succeeded" ); | |
System.exit(0); | |
} | |
else { | |
System.out.println( "user '" + user + "' authentication failed" ); | |
System.exit(1); | |
} | |
} | |
else { | |
System.out.println( "user '" + user + "' not found" ); | |
System.exit(1); | |
} | |
} | |
} |
Hello i want to store a user in ldap i use bind method but when i search the user in ldap i found it but serialisable ,
It worked great! Thanks for sharing!
Brilliant!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for the write up but as @surighanta pointed that anonymous search was not allowed in their environment, I too faced such an issue.
Can you help me in getting what all authentication protocols is supported by the server to which i am trying to bind. Is there a programmatic way to find that so that i can query the user for the appropriate additional information.
Thanks,
-Navneet