我对这个领域全新,对java也没有多少经验。我被分配了这个任务,我可以作为管理员和检索信息以简单模式连接,但无法重置密码。我在许多网站上发现我必须使用ssl,但是当我得到一个
时无法成功"简单绑定失败"
错误我在下面发布了我的代码以及我注释掉的代码(我之前尝试过)。请帮忙。我无法从我收到的任何来源解决问题。我使用从服务器复制到我的密钥库的证书。这是使用它的正确方法吗?如果我删除了ssl部分
env.put(Context.SECURITY_PROTOCOL,"ssl");
我得到握手异常
Problem with TLS: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
public class ActiveDirectory {
private DirContext ctx;
public boolean connect(String username,String password){
Hashtable<String, String> env = new Hashtable<String, String>();
// Properties env=new Properties();
env.put(Context.SECURITY_PROTOCOL,"ssl");
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.PROVIDER_URL, "ldap://192.168.1.199:389");
env.put(Context.REFERRAL, "follow");
// The value of Context.SECURITY_PRINCIPAL must be the logon username
// with the domain name
env.put(Context.SECURITY_PRINCIPAL, username+"@xxxx.net");
// The value of the Context.SECURITY_CREDENTIALS should be the user's
// password
env.put(Context.SECURITY_CREDENTIALS, password);
try {
// Authenticate the logon user
ctx = new InitialLdapContext(env,null);
return true;
}catch(NamingException e){
System.out.println("Error in connecting : " + e.getMessage());
return false;
}
}
public boolean changePasswordAdmin(String userName,String newPassword){
try {
//set password is a ldap modfy operation
//Secure the session with TLS
StartTlsResponse tls = (StartTlsResponse)((LdapContext) ctx).extendedOperation(new StartTlsRequest());
tls.negotiate();
//set password is a ldap modfy operation
ModificationItem[] mods = new ModificationItem[1];
//Replace the "unicdodePwd" attribute with a new value
//Password must be both Unicode and a quoted string
String newQuotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
// Perform the update
ctx.modifyAttributes(userName, mods);
System.out.println("Reset Password for: " + userName);
tls.close();
ctx.close();
return true;
}
catch (NamingException e) {
System.out.println("Problem resetting password: " + e);
}
catch (UnsupportedEncodingException e) {
System.out.println("Problem encoding password: " + e);
}
catch (IOException e) {
System.out.println("Problem with TLS: " + e);
}
return false;
}
public static void main(String args[]) throws NamingException {
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
// the keystore that holds trusted root certificates
System.setProperty("javax.net.ssl.trustStore", "C:\\keystore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "****");
System.setProperty("javax.net.ssl.keyStore", "C:\\keystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "****");
ActiveDirectory d= new ActiveDirectory();
d.connect("Administrator", "Group&Team2");
System.out.println(d.fetchData("MG"));
System.out.println(d.changePasswordAdmin("CN=Manager MG. Manager,OU=Manager,DC=xxxxx,DC=net", "Abcd@10"));
}
}