使用未绑定的ID

时间:2016-01-28 08:44:31

标签: java active-directory ldap jndi unboundid-ldap-sdk

我希望使用unboundID对AD进行身份验证,但是我在绑定操作上收到了serverdown错误。 当我通过JNDI而不是unboundID执行此操作时,请求正常工作。 我在网上查了一下,大多数人似乎也有类似的做事方式。 对于例如我特里提到了这个答案 LDAP: How to authenticate user with connection details

这是我的代码

public class LDAPSearch_unboundID {

private static final String LDAPIP = "hostname";
private static final int LDAPPORT = 636;
private static final String USERDN = "adminuser"; 
private static final String PASSWD = "adminpass";
private static final String SEARCHDN = "DC=AA,DC=BB,DC=CC";

public static void main(String[] args) {

    authUser();
}

private static void authUser(String userid) {

     BindRequest bindRequest = new SimpleBindRequest(SEARCHDN,PASSWD);
     System.out.println("101");
     try {
     LDAPConnection ldapConnection = new LDAPConnection(LDAPIP,LDAPPORT);
     //LDAPConnection ldapConnection = new LDAPConnection(lco, LDAPIP,LDAPPORT, SEARCHDN, PASSWD);
     System.out.println("102");
     BindResult bindResult = ldapConnection.bind(bindRequest);
     System.out.println("103");
     ResultCode resultCode = bindResult.getResultCode();
     System.out.println("104");
     if(resultCode.equals(ResultCode.SUCCESS))
     {
         System.out.println("Authentication SUCCESS!!!");
     }
     else
     {
         System.out.println("Authentication FAILED!!!");
     }
     ldapConnection.close();
     } 
     catch (LDAPException e){
        e.printStackTrace();
     }

     }


}

这里的输出是

  

101   102   LDAPException(resultCode = 81(服务器关闭),errorMessage ='与服务器host:port的连接在等待绑定请求SimpleBindRequest的响应时关闭(dn =' DC = AA,DC = BB, DC = CC'):尝试从服务器读取响应时发生I / O错误:java.net.SocketException:Connection reset')       在com.unboundid.ldap.sdk.SimpleBindRequest.handleResponse(SimpleBindRequest.java:718)       在com.unboundid.ldap.sdk.SimpleBindRequest.process(SimpleBindRequest.java:570)       在com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:2150)       at ldapConnection.LDAPSearch_unboundID.authUser(LDAPSearch_unboundID.java:45)       在ldapConnection.LDAPSearch_unboundID.main(LDAPSearch_unboundID.java:34)

我已经尝试过使用其他几台AD服务器了。我做错了什么?

更新:我必须补充说我正在使用SSL连接。 我已尝试使用此更新代码的ldapconnection部分。

         SSLSocketFactory socketFactory = sslUtil.createSSLSocketFactory();
     LDAPConnection ldapConnection = new LDAPConnection(socketFactory);
     ldapConnection.connect(LDAPIP,LDAPPORT);
     System.out.println("102");
     BindResult bindResult = ldapConnection.bind(bindRequest);

现在我收到此错误

  

101   102   LDAPException(resultCode = 49(凭证无效),errorMessage =' 80090308:LdapErr:DSID-0C0903A9,注释:AcceptSecurityContext错误,数据57 ,v1db1       在com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:2178)       在ldapConnection.LDAPSearch_unboundID.authUser(LDAPSearch_unboundID.java:56)       在ldapConnection.LDAPSearch_unboundID.main(LDAPSearch_unboundID.java:39)

我无法查看"数据57"根据结果​​代码49。 凭证是正确的。

1 个答案:

答案 0 :(得分:2)

我用的是:

public static LDAPConnection getNewSSLConnection(String address, int port, BindRequest bindRequest) throws LDAPException, GeneralSecurityException
{
    SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
    SSLSocketFactory sslSocketFactory = sslUtil.createSSLSocketFactory();
    LDAPConnection ldc = new LDAPConnection(sslSocketFactory);
    ldc.connect(address, port);
    ldc.bind(bindRequest);
    return ldc;
}
除非您在CLOSED TRUSTED网络上,否则不要使用“TrustAllTrustManager()”。

查找SSLUtil的更多方法。