我遇到以下问题:如果用户的Active Directory密码包含“&”,则用户无法登录我们的webapp。 我已经在我的本地计算机上使用端口转发到有问题的LDAP服务器进行了调试,一切正常。 但是,如果我在远程服务器上使用该密码登录,则会失败。 我在下面发布了一个ldap配置转储。 此外,我们使用简单的文本作为身份验证(!) 任何想法都会受到欢迎,因为我的想法很新鲜。
Hashtable<String, String> environment = new Hashtable<String, String>();
environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
environment.put(Context.SECURITY_PRINCIPAL, domainBasedUsername);
environment.put(Context.SECURITY_CREDENTIALS, password);
environment.put(Context.PROVIDER_URL, getActiveDirectoryServerUrl())
isSynchronized:TRUE
supportedLDAPVersion:3,2
serverName:CN = ABCDC03,CN = Servers,CN = Foo-City,CN = Sites,CN = Configuration,DC = foo,DC = com
supportedSASLMechanisms:GSSAPI,GSS-SPNEGO,EXTERNAL,DIGEST-MD5
ldapServiceName:foo.com:abcdc03$@FOO.COM
namingContexts:DC = foo,DC = com,CN = Configuration,DC = foo,DC = com,CN = Schema,CN = Configuration,DC = foo,DC = com,DC = DomainDnsZones,DC = foo,DC = com,DC = ForestDnsZones,DC = foo,DC = com
domainControllerFunctionality:3
supportedLDAPPolicies:MaxPoolThreads,MaxDatagramRecv,MaxReceiveBuffer,InitRecvTimeout,MaxConnections,MaxConnIdleTime,MaxPageSize,MaxQueryDuration,MaxTempTableSize,MaxResultSetSize,MaxNotificationPerConn,MaxValRange
forestFunctionality:2
configurationNamingContext:CN = Configuration,DC = foo,DC = com
rootDomainNamingContext:DC = foo,DC = com
SchemaNamingContext:CN = Schema,CN = Configuration,DC = foo,DC = com
subschemaSubentry:CN = Aggregate,CN = Schema,CN = Configuration,DC = foo,DC = com
supportedControl:1.2.840.113556.1.4.319,1.2.840.113556.1.4.801,1.2.840.113556.1.4.473,12.840.113556.1.4.528,1.2.840.113556.1.4.417,1.2.840.113556.1.4 .619,1.2.840.113556.1.4.841,1.2.840.113556.1.4.529,1.2.840.113556.1.4.805,1.2.840.113556.1.4.521,1.2.840.113556.1.4.970,1.2.840.113556.1.4.1338 ,1.2.840.113556.1.4.474,1.2.840.113556.1.4.1339,1.2.840.113556.1.4.1340,1.2.840.113556.1.4.1413,2.16.840.1.113730.3.4.9,2.16.840.1.113730.3.4.10,1.2 .840.113556.1.4.1504,1.2.840.113556.1.4.1852,1.2.840.113556.1.4.802,1.2.840.113556.1.4.1907,1.2.840.113556.1.4.1948,1.2.840.113556.1.4.1974,1.2.840.113556 .1.4.1341,1.2.840.113556.1.4.2026
highestCommittedUSN:9122909
domainFunctionality:2
dnsHostName:ABCDC03.foo.com
currentTime:20120105081254.0Z
dsServiceName:CN = NTDS设置,CN = ABCDC03,CN =服务器,CN = Foo-City,CN =网站,CN =配置,DC = foo,DC = com
isGlobalCatalogReady:TRUE
defaultNamingContext:DC = foo,DC = com
supportedCapabilities:1.2.840.113556.1.4.800,1.2.840.113556.1.4.1670,1.2.840.113556.1.4.1791,1.2.840.113556.1.4.1935
答案 0 :(得分:1)
我认为问题可能是通过webapp实际传递密码。密码字段可能需要清理,因为它包含一个&符号,在您的代码中的某些位置可能是一个特殊字符(不确定您的不同代码块可能编写或不编写的语言)。我遇到类似问题的一个例子,我在Word中编写语句以粘贴到Oracle中,但是我不小心在Word中使用了TAB,这破坏了Oracle中的所有内容。