无法从LDAP认证后检索用户信息

时间:2019-03-28 19:20:48

标签: java ldap

我可以从LDAP进行身份验证,但是当尝试检索用户名和信息时得到

“ javax.naming.PartialResultException:[LDAP:错误代码10-0000202B:RefErr:DSID-0310082F,数据0、1个访问点

ref 1:'PKUL'“

不知道我在做什么错,下面是代码,从这里开始,如果是“ if(answer.hasMore())”,则会出现上述错误。

public class ActiveDirectory {

    private String domain;
    private String ldapHost;
    private String searchBase;

    public ActiveDirectory() {
        this.domain = "PKUL";
        this.ldapHost = "ldap://IP:389";
    }

    public Map authenticate(String user, String pass) {

        String returnedAtts[] = { "cn", "givenName", "mail" };
        String searchFilter = "(&(objectClass=user)(sAMAccountName=" + user + "))";

        //Create the search controls

        SearchControls searchCtls = new SearchControls ();
        searchCtls.setReturningAttributes (returnedAtts);

        //Specify the search scope

        searchCtls.setSearchScope (SearchControls.SUBTREE_SCOPE);

        Hashtable env = new Hashtable ();
        env.put (Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put (Context.PROVIDER_URL, ldapHost);
        env.put (Context.SECURITY_AUTHENTICATION, "simple");
        env.put (Context.SECURITY_PRINCIPAL, user + "@" + domain);
        env.put (Context.SECURITY_CREDENTIALS, pass);

        LdapContext ctxGC = null;
        boolean ldapUser = false;

        try {
            ctxGC = new InitialLdapContext (env, null);
            System.out.println ("Authenticated");

            try {
                SearchControls controls = new SearchControls ();
                controls.setSearchScope (SUBTREE_SCOPE);
                String[] attrIDs = { "distinguishedName", "sn", "givenname", "mail", "telephonenumber", "thumbnailPhoto" };
                controls.setReturningAttributes (attrIDs);
                NamingEnumeration<SearchResult> answer = ctxGC.search ("DC=PKUL", "sAMAccountName=" + user, controls);
                if (answer.hasMore ()) {
                    Attributes attrs = answer.next ().getAttributes ();
                    System.out.println (attrs.get ("distinguishedName"));
                    System.out.println (attrs.get ("givenname"));
                    System.out.println (attrs.get ("sn"));
                    System.out.println (attrs.get ("mail"));
                    System.out.println (attrs.get ("telephonenumber"));
                    //byte[] photo = (byte[])attrs.get("thumbnailPhoto").get();               

                } else {
                    System.out.println ("user not found");
                }

            } catch (Exception ex) {
                ex.printStackTrace ();
            }
        } catch (NamingException ex) {
            ex.printStackTrace ();
        }
        return null; // return
    }
}

0 个答案:

没有答案
相关问题
最新问题