1. 程式人生 > >使用者名稱+密碼登入ldap伺服器,注意密碼沒有儲存在ldap中的password

使用者名稱+密碼登入ldap伺服器,注意密碼沒有儲存在ldap中的password

用使用者名稱+密碼模擬登入ldap伺服器,不是從ldap中獲取密碼比較

public class LdapUserAuthenticate {
	private String URL = "ldap://10.41.83.236:389/";
	private String BASEDN = "dc=zte,dc=intra";
	private String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
	private LdapContext ctx = null;
	private Hashtable<String, String> env=null;
	private Control[] connCtls = null;
	private SearchResult searchResult;

	private void connectToLDAPServer() {
		env = new Hashtable<String, String>();
		env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
		env.put(Context.PROVIDER_URL, URL + BASEDN);// LDAP server
		env.put(Context.SECURITY_AUTHENTICATION, "simple");
		// 此處若不指定使用者名稱和密碼,則自動轉換為匿名登入
		env.put(Context.SECURITY_PRINCIPAL,
				"cn=gitlab,ou=NM,ou=Central R&D Institute,ou=R&D Institute,dc=zte,dc=intra");
		env.put(Context.SECURITY_CREDENTIALS, "gitlab");
		try {
			connCtls = new Control[] { new LdapADManagerControl() };
			ctx = new InitialLdapContext(env, connCtls);
		} catch (javax.naming.AuthenticationException e) {
			System.out.println("Authentication faild: " + e.toString());
		} catch (Exception e) {
			System.out.println("Something wrong while authenticating: " + e.toString());
		}
	}

	class LdapADManagerControl implements Control {

		@Override
		public String getID() {
			// TODO Auto-generated method stub
			return null;
		}

		@Override
		public boolean isCritical() {
			// TODO Auto-generated method stub
			return false;
		}

		@Override
		public byte[] getEncodedValue() {
			// TODO Auto-generated method stub
			return null;
		}

	}

	private String getUserDN(String ID) {
		String userDN = "";
		connectToLDAPServer();
		try {
			SearchControls constraints = new SearchControls();
			constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
			NamingEnumeration<?> en = ctx.search("", "sAMAccountName=" + ID, constraints);
			if (en == null) {
				System.out.println("Have no NamingEnumeration.");
			}
			if (!en.hasMoreElements()) {
				System.out.println("Have no element.");
			}
			while (en != null && en.hasMoreElements()) {// maybe more than one														// // element
				Object obj = en.nextElement();
				if (obj instanceof SearchResult) {
					SearchResult si = (SearchResult) obj;
					userDN += si.getName();
					userDN += "," + BASEDN;
					searchResult = si;
				} else {
					System.out.println(obj);
				}
			}
		} catch (Exception e) {
			System.out.println("Exception in search():" + e);
		}
		return userDN;
	}

	public String authenricate(String ID, String password) {
		String username = null;
		if (ID.equals("") || password.equals(""))
			return null;
		else {
			String userDN = "";
			try {
				userDN = getUserDN(ID);
				if (userDN.equals(""))
					return null;
				ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
				ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
				ctx.reconnect(connCtls);
				String longName = (String)searchResult.getAttributes().get("CN").get();
				username = longName.split("\\d+")[0];
				return username;
			} catch (AuthenticationException e) {
				System.out.println(userDN + " is not authenticated");
				System.out.println(e.toString());
			} catch (NamingException e) {
				System.out.println(userDN + " is not authenticated");
			}catch (Exception e) {
				System.out.println(userDN + " is not authenticated");
			}
			return null;
		}
	}
}


LdapUserAuthenticate authen = new LdapUserAuthenticate();
username = authen.authenricate(userid,password);
if (username == null) {
	System.out.println("登陸失敗");
	response.sendRedirect("login.html");
}else{
	System.out.println("登陸成功");
	CookieUtil.addCookie(response, "userName", username, 1800);
	response.sendRedirect(referer);
}