我正在尝试使用Java进行LDAP身份验证,但这总是返回空的结果和 usrNamespace 。还能够确认传递的用户名和密码正确。
使用我使用 cn 的用户名,我尝试将(uid=" + username + ")
更改为 cn ,但仍然给我相同的结果
如果有人可以帮助我,将不胜感激。谢谢!
public class LdapAuthenticationAdapter implements AuthenticationAdapter {
@Override
public boolean authenticate(String username, String password) throws Exception {
Properties prop = new Properties();
//set the property value
SECURITY_AUTHENTICATION = prop.getProperty("eq.SECURITY_AUTHENTICATION");
SECURITY_PRINCIPAL = prop.getProperty("eq.SECURITY_PRINCIPAL");
SECURITY_CREDENTIALS = prop.getProperty("eq.SECURITY_CREDENTIALS");
PROVIDER_URL = prop.getProperty("eq.PROVIDER_URL");
// Get admin user, password(encrypted), host, port and other LDAP parameters
// from equationConfiguration.properties
Hashtable<String, Object> env = new Hashtable<String, Object>();
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
env.put(Context.SECURITY_CREDENTIALS, "secret");
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:10389/dc=main,dc=com");
// env.put("java.naming.ldap.attributes.binary", "objectSID"); // validate this line if applicable
InitialDirContext context = new InitialDirContext(env);
SearchControls ctrls = new SearchControls();
ctrls.setReturningAttributes(new String[] { "givenName", "sn","memberOf" });
ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration<javax.naming.directory.SearchResult> answers = null;
SearchResult result = null;
String usrNamespace = null;
try {
answers = context.search("ou=bankfusionusers", "(uid=" + username + ")", ctrls); // Get directory context
result = answers.nextElement();
usrNamespace = result.getNameInNamespace();
Properties props = new Properties();
props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
props.put(Context.PROVIDER_URL, "ldap://localhost:10389/dc=main,dc=com");
props.put(Context.SECURITY_PRINCIPAL, usrNamespace);
props.put(Context.SECURITY_CREDENTIALS, password);
System.err.println("Entry 1");
context = new InitialDirContext(props);
}catch(NullPointerException e){
System.err.println("Unsuccessful authenticated bind " + e + "\n");
return false;
}
return true;
}//end method
}
答案 0 :(得分:0)
我稍微修改了您的代码,它在我的代码上有效。
public static void main(String[] args) throws NamingException {
Properties initialProperties = new Properties();
initialProperties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
initialProperties.put(Context.PROVIDER_URL, "ldap://192.168.0.179:389");
initialProperties.put(Context.SECURITY_PRINCIPAL, "cn=Directory Manager");
initialProperties.put(Context.SECURITY_CREDENTIALS, "dirmanager");
initialProperties.put(Context.SECURITY_AUTHENTICATION, "simple");
InitialDirContext context = new InitialDirContext(initialProperties);
SearchControls ctrls = new SearchControls();
ctrls.setReturningAttributes(new String[] { "cn", "sn","givenname" });
ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration<javax.naming.directory.SearchResult> answers = null;
SearchResult result = null;
String usrNamespace = null;
try {
String username = "user.997"; // I added this, I removed some of your code as well
answers = context.search("dc=example,dc=com", "(uid=" + username + ")", ctrls); // Get directory context
result = answers.nextElement();
usrNamespace = result.getNameInNamespace();
System.out.println("result variable shows : " + result);
System.out.println("usrNamespace variable shows: " + usrNamespace);
}catch(NullPointerException e){
System.err.println("Unsuccessful authenticated bind " + e + "\n");
}
}
}
在控制台中,我看到