Java LDAP统一身份认证

大家好，又见面了，我是你们的朋友全栈君。

不多说直接看代码，如下：

import java.util.Hashtable;

import javax.naming.AuthenticationException; import javax.naming.Context; import javax.naming.NamingEnumeration; import javax.naming.NamingException; import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; import javax.naming.ldap.Control; import javax.naming.ldap.InitialLdapContext; import javax.naming.ldap.LdapContext;

/** * 用户登陆认证,LDAP跨域认证，通过LDAP对用户进行更新 * */ public class LdapCheck { private static LdapContext ctx = null; private static Control[] connCtls = null;

/**** 定义LDAP的基本连接信息 ******/ // LDAP的连接地址（ldap://ip:port/）port默认为389 private static String URL = “?”; // LDAP的根DN private static String BASEDN = “dc=?,dc=?,dc=?”; // LDAP的连接账号（身份认证管理平台添加的应用账号，应用账号格式：uid=?,ou=?,dc=????） private static String PRINCIPAL = “uid=?,ou=?,dc=?,dc=?,dc=?”; // LDAP的连接账号的密码（身份认证管理平台添加的应用账号的密码） private static String PASSWORD = “?”;

public static void main(String[] args) { // 登录用户的用户名和密码 String username = “?”; String password = “?”; System.out.println(authenticate(username, password)); closeCtx(); }

// 校验用户名密码的方法 public static boolean authenticate(String usr, String pwd) { boolean valide = false; if (pwd == null || pwd == “”) return false; if (ctx == null) { getCtx(); } String userDN = getUserDN(usr); if (“”.equals(userDN) || userDN == null) { return false; } try { ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN); ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, pwd); ctx.reconnect(connCtls); valide = true; } catch (AuthenticationException e) { System.out.println(userDN + ” is not authenticated”); System.out.println(e.toString()); valide = false; } catch (NamingException e) { System.out.println(userDN + ” is not authenticated”); valide = false; } return valide; }

public static void getCtx() { if (ctx != null) { return; } Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, “com.sun.jndi.ldap.LdapCtxFactory”); env.put(Context.PROVIDER_URL, URL + BASEDN); env.put(Context.SECURITY_AUTHENTICATION, “simple”); env.put(Context.SECURITY_PRINCIPAL, PRINCIPAL); env.put(Context.SECURITY_CREDENTIALS, PASSWORD); try { // 链接ldap ctx = new InitialLdapContext(env, connCtls); } catch (javax.naming.AuthenticationException e) { System.out.println(“Authentication faild: ” + e.toString()); } catch (Exception e) { System.out.println(“Something wrong while authenticating: ” + e.toString()); } }

public static void closeCtx() { try { if (ctx != null) ctx.close(); } catch (NamingException ex) {

} }

public static String getUserDN(String uid) { String userDN = “”; try { SearchControls constraints = new SearchControls(); constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); NamingEnumeration<?> en = ctx.search(“”, “uid=” + uid, constraints); if (en == null) { System.out.println(“Have no NamingEnumeration.”); } if (!en.hasMoreElements()) { System.out.println(“Have no element.”); } while (en != null && en.hasMoreElements()) { Object obj = en.nextElement(); if (obj instanceof SearchResult) { SearchResult si = (SearchResult) obj; userDN += si.getName(); userDN += “,” + BASEDN; } else { System.out.println(obj); } System.out.println(); } } catch (Exception e) { System.out.println(“Exception in search():” + e); }

return userDN; } }

发布者：全栈程序员栈长，转载请注明出处：https://javaforall.cn/125729.html原文链接：https://javaforall.cn