Ldap登陆AD(Active Directory)进行认证的Java示例

原文地址:http://hi.baidu.com/js2007/item/24efbb0fae1c9b90a3df432a

package LdapTest;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.AuthenticationException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
public class AuthenticationTest {
   
private String BASE_DN ="dc=statestreet,dc=com"; 
// private DirContext ctx = null;
    private LdapContext ctx = null;     
    private Hashtable env = null;
    private Control[] connCtls = null; 
    
    private void LdapConnect(){
        env = new Hashtable();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ");    
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "cn=Manager,dc=statestreet,dc=com");
        env.put(Context.SECURITY_CREDENTIALS, "****");   //自己填入
       
        try{
            ctx = new InitialLdapContext(env,connCtls);
//          ctx = new InitialDirContext(env);
            System.out.println("Login Ldap Server Successful...");
        }catch(AuthenticationException e){
        System.out.println("Login Ldap Server Failed...");
        e.printStackTrace();
        }catch(Exception e){
        System.out.println("Login Ldap Server Wrong...\n "+e.toString());
        }
    }
    
    private String getUserDN(String userid){    
    String userDN="";    
    try{
       SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration en = ctx.search("","uid="+userid,constraints); 
        if(en == null){
           System.out.println("Have NO such user!");
        }
            if(!en.hasMoreElements()){
                System.out.println("Have NO such user!");
               }
            while (en != null && en.hasMoreElements()){
            Object obj = en.nextElement();
             if(obj instanceof SearchResult){
             SearchResult si = (SearchResult) obj;
             userDN += si.getName();
             userDN += "," + BASE_DN;
             }
             else{
                 System.out.println(obj);
             }
            }
    }catch(Exception e){
            System.out.println("Exception in search user DN : "+e.toString());
        }
    return userDN;
    }
    
    public boolean Authenricate(String ID,String pwd){
    LdapConnect();
        boolean valide = false;
        String userDN = getUserDN(ID);
        
        if(userDN=="")
        return valide;
       
        try {
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL,userDN);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS,pwd);
            ctx.reconnect(connCtls);
            System.out.println(userDN + " is authenticated! ");
            valide = true;
        }catch (AuthenticationException e) {
            System.out.println(userDN + " is NOT authenticated! ");
            valide = false;
        }catch (NamingException e) {
            System.out.println(userDN + " is NOT authenticated! ");
            valide = false;
        }
        LdapDisconnect();
        return valide;
    } 
    
    private void LdapDisconnect(){
        if (ctx != null) {
            try {
             ctx.close();
            }
            catch (NamingException e) {
             e.printStackTrace();
            }
          }
    }
}

你可能感兴趣的:(Directory)