使用者名稱+密碼登入ldap伺服器,注意密碼沒有儲存在ldap中的password
阿新 • • 發佈:2019-01-25
以使用者名稱+密碼向 LDAP 伺服器發起繫結(bind)來模擬登入並驗證身分,而不是從 LDAP 中取出密碼再自行比對。
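/**
 * Authenticates a user against an LDAP / Active Directory server with the "search, then bind"
 * pattern: a service account looks up the entry whose {@code sAMAccountName} matches the login
 * id, and the context is then re-bound with that entry's DN and the password supplied by the
 * user. The password is never read from the directory or compared locally.
 *
 * <p>Each call to {@link #authenricate(String, String)} opens its own context and closes it
 * before returning, so no connection or search result is kept between calls.
 */
public class LdapUserAuthenticate {
    // NOTE(review): ldap:// with "simple" authentication sends the service-account password and
    // every user's password unencrypted. Prefer an ldaps:// endpoint (or StartTLS) here.
    private static final String URL = "ldap://10.41.83.236:389/";
    private static final String BASEDN = "dc=zte,dc=intra";
    private static final String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";

    // NOTE(review): the service-account DN and password are hard-coded, so anyone who can read
    // the source or the compiled class can recover them. Load them from protected configuration
    // and give the account read-only search rights.
    private static final String BIND_DN =
            "cn=gitlab,ou=NM,ou=Central R&D Institute,ou=R&D Institute,dc=zte,dc=intra";
    private static final String BIND_PASSWORD = "gitlab";

    // Connection controls passed both to the initial bind and to the user re-bind.
    private final Control[] connCtls = new Control[] { new LdapADManagerControl() };

    /**
     * Opens a context bound as the service account.
     *
     * @return the bound context, or {@code null} when the connection or the bind failed
     */
    private LdapContext connectToLDAPServer() {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, URL + BASEDN); // LDAP server, rooted at the base DN
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        // If no principal and credentials are given here, the bind silently becomes anonymous.
        env.put(Context.SECURITY_PRINCIPAL, BIND_DN);
        env.put(Context.SECURITY_CREDENTIALS, BIND_PASSWORD);
        try {
            return new InitialLdapContext(env, connCtls);
        } catch (javax.naming.AuthenticationException e) {
            System.out.println("Authentication faild: " + e.toString());
        } catch (Exception e) {
            System.out.println("Something wrong while authenticating: " + e.toString());
        }
        return null;
    }

    /**
     * Placeholder connection control.
     *
     * <p>NOTE(review): every method is an IDE-generated stub ({@code getID()} and
     * {@code getEncodedValue()} return {@code null}). Confirm the server needs a connection
     * control at all; if it does not, this class and {@code connCtls} can be dropped.
     */
    class LdapADManagerControl implements Control {
        @Override
        public String getID() {
            return null;
        }

        @Override
        public boolean isCritical() {
            return false;
        }

        @Override
        public byte[] getEncodedValue() {
            return null;
        }
    }

    /**
     * Looks up the single entry whose {@code sAMAccountName} equals {@code id}.
     *
     * @param ctx context bound as the service account
     * @param id  login id exactly as typed by the user (untrusted)
     * @return the matching entry, or {@code null} when there is no match, more than one match,
     *         or the search failed
     */
    private SearchResult findUser(LdapContext ctx, String id) {
        SearchControls constraints = new SearchControls();
        constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration<SearchResult> en = null;
        try {
            // The id is passed as a filter argument rather than concatenated into the filter
            // string, so filter metacharacters in user input ('*', '(', ')', '\') are treated
            // as data and cannot change which entries the search matches.
            en = ctx.search("", "(sAMAccountName={0})", new Object[] { id }, constraints);
            if (en == null) {
                System.out.println("Have no NamingEnumeration.");
                return null;
            }
            SearchResult match = null;
            // hasMoreElements()/nextElement() are kept from the original listing; they do not
            // declare NamingException, so enumeration behaviour stays as it was.
            while (en.hasMoreElements()) {
                SearchResult candidate = en.nextElement();
                if (match != null) {
                    // An ambiguous id must not authenticate against an arbitrary entry.
                    System.out.println("More than one entry matches; refusing to authenticate.");
                    return null;
                }
                match = candidate;
            }
            if (match == null) {
                System.out.println("Have no element.");
            }
            return match;
        } catch (Exception e) {
            System.out.println("Exception in search():" + e);
            return null;
        } finally {
            if (en != null) {
                try {
                    en.close();
                } catch (NamingException ignored) {
                    // Nothing useful can be done if releasing the enumeration fails.
                }
            }
        }
    }

    /** Closes the context, ignoring failures: the authentication outcome is already decided. */
    private static void closeQuietly(LdapContext ctx) {
        try {
            ctx.close();
        } catch (NamingException ignored) {
            // Best-effort cleanup only.
        }
    }

    /**
     * Verifies a login id and password by binding to the directory as that user.
     *
     * @param ID       login id, matched against {@code sAMAccountName}
     * @param password password typed by the user
     * @return the user's {@code CN} up to its first run of digits when the bind succeeds;
     *         {@code null} when either argument is null or empty, the user cannot be found
     *         unambiguously, or the bind is rejected
     */
    public String authenricate(String ID, String password) {
        // An empty password must be rejected before binding: directory servers may accept a
        // simple bind with a DN and no password as an unauthenticated bind, which would
        // otherwise look like a successful login.
        if (ID == null || password == null || ID.equals("") || password.equals("")) {
            return null;
        }
        LdapContext ctx = connectToLDAPServer();
        if (ctx == null) {
            return null;
        }
        String userDN = "";
        try {
            SearchResult user = findUser(ctx, ID);
            if (user == null) {
                return null;
            }
            // The search ran relative to BASEDN, so the result name is completed with it.
            userDN = user.getName() + "," + BASEDN;
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            // Re-binding with the user's own DN and password is the actual credential check.
            ctx.reconnect(connCtls);
            String longName = (String) user.getAttributes().get("CN").get();
            // Keeps the part of the CN before its first digit run — presumably the CN is a
            // display name followed by a numeric id; confirm against the directory's naming.
            return longName.split("\\d+")[0];
        } catch (AuthenticationException e) {
            System.out.println(userDN + " is not authenticated");
            System.out.println(e.toString());
        } catch (NamingException e) {
            System.out.println(userDN + " is not authenticated");
            System.out.println(e.toString());
        } catch (Exception e) {
            System.out.println(userDN + " is not authenticated");
            System.out.println(e.toString());
        } finally {
            closeQuietly(ctx);
        }
        return null;
    }
}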
// Caller side: check the submitted credentials, then redirect according to the outcome.
LdapUserAuthenticate authen = new LdapUserAuthenticate();
username = authen.authenricate(userid, password);
if (username != null) {
    System.out.println("登陸成功");
    // NOTE(review): a cookie that carries only the user name is fully client-controlled.
    // Confirm the application keeps the login state in a server-side session (or a signed
    // token) and does not treat this cookie as proof of authentication; also confirm that
    // CookieUtil sets HttpOnly and Secure. 1800 is presumably the lifetime in seconds.
    CookieUtil.addCookie(response, "userName", username, 1800);
    // NOTE(review): where `referer` comes from is not visible here. If it is taken from the
    // request, restrict it to same-site paths before redirecting.
    response.sendRedirect(referer);
} else {
    System.out.println("登陸失敗");
    response.sendRedirect("login.html");
}