Question

我从未使用过LDAP。我必须编写一个JAVA类来检查用户提供的密码是否正确。用户/密码存储在WSO2IS的LDAP服务器中。这是配置：

<UserManager>
<Realm>
    <Configuration>
    <AddAdmin>true</AddAdmin>
            <AdminRole>admin</AdminRole>
            <AdminUser>
                 <UserName>admin</UserName>
                 <Password>admin</Password>
            </AdminUser>
        <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
        <Property name="dataSource">jdbc/WSO2CarbonDB</Property>
        <Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder</Property>
    </Configuration>

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
        <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
        <Property name="ConnectionURL">ldap://localhost:10389</Property>
        <Property name="Disabled">false</Property>                       
        <Property name="ConnectionName">uid=admin,ou=system</Property>
        <Property name="ConnectionPassword">admin</Property>
        <Property name="passwordHashMethod">SHA</Property>
        <Property name="UserNameListFilter">(objectClass=person)</Property>
    <Property name="UserEntryObjectClass">identityPerson</Property>
        <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
        <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
        <Property name="UserNameAttribute">uid</Property>
    <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
        <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
    <Property name="ReadGroups">true</Property>
    <Property name="WriteGroups">true</Property>
    <Property name="EmptyRolesAllowed">false</Property>
        <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
        <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
        <Property name="GroupEntryObjectClass">groupOfNames</Property>
        <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
        <Property name="GroupNameAttribute">cn</Property>
        <Property name="SharedGroupNameAttribute">cn</Property>
        <Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
        <Property name="SharedGroupEntryObjectClass">groupOfNames</Property>
        <Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
        <Property name="SharedGroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
        <Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
        <Property name="SharedTenantNameAttribute">ou</Property>
        <Property name="SharedTenantObjectClass">organizationalUnit</Property>
        <Property name="MembershipAttribute">member</Property>
        <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
        <Property name="MaxRoleNameListLength">100</Property>
        <Property name="MaxUserNameListLength">100</Property>
        <Property name="SCIMEnabled">false</Property>
    </UserStoreManager>

    <AuthorizationManager
        class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
        <Property name="AdminRoleManagementPermissions">/permission</Property>
    <Property name="AuthorizationCacheEnabled">true</Property>
    </AuthorizationManager>
</Realm>

你能帮帮我吗？我不知道从哪里开始。谢谢。

Answer 1

您需要使用某些身份验证API检查用户的用户/密码。有一个名为RemoteUserStoreManagerService的Web服务服务，您可以使用它来验证用户的用户/密码。此API也可用于管理LDAP中的用户。您可以添加/更新/删除LDAP用户。有关API的更多详细信息，请参阅here，使用简单的Java客户端来调用此API

从JAVA应用程序检查LDAP上的用户密码

1 个答案: