How to do an LDAP search / authentication against this LDAP in Java

I am playing with LDAP and Java search. Here is my LDIF export with a simple organization

    version: 1

    dn: dc=example,dc=com
    objectClass: organization
    objectClass: dcObject
    objectClass: top
    dc: example
    o: MyOrganization
    description: Test Description

    dn: ou=people, dc=example,dc=com
    objectClass: organizationalUnit
    objectClass: top
    ou: people
    description: All users in demo company

    dn: cn=Johnny Doe,ou=people,dc=example,dc=com
    objectClass: organizationalPerson
    objectClass: person
    objectClass: inetOrgPerson
    objectClass: top
    cn: Johnny Doe
    sn: Johnny
    homephone: 123-456-7890
    mail: [email protected]
    ou: Development
    uid: jjohnny
    userpassword:: johnny

    dn: cn=Samuel Johnson,ou=people,dc=example,dc=com
    objectClass: organizationalPerson
    objectClass: person
    objectClass: inetOrgPerson
    objectClass: top
    cn: Samuel Johnson
    sn: Samuel
    homephone: 123-456-7890
    mail: [email protected]
    ou: Accounts
    uid: ssam
    userpassword:: sammy

How can I run a Java code snippet to extract all users from the LDAP server? There is no authentication configured on my Apache DS directory server.

    Hashtable env = new Hashtable(11);
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://localhost:10389/dc=example,dc=com");
    env.put(Context.SECURITY_AUTHENTICATION, "none");

    try {
        // Create initial context
        DirContext ctx = new InitialDirContext(env);
        Object obj = new Object();
        // want to print all users from the LDAP server
        System.out.println(obj.toString());
        ctx.close();
    } catch (NamingException e) {
        e.printStackTrace();
    }

    try {
        // env is the Hashtable built in the question
        LdapContext ctx = new InitialLdapContext(env, null);
        ctx.setRequestControls(null);
        // Search the people subtree and print the cn of every match
        NamingEnumeration<?> namingEnum = ctx.search("ou=people,dc=example,dc=com", "(objectclass=user)", getSimpleSearchControls());
        while (namingEnum.hasMore()) {
            SearchResult result = (SearchResult) namingEnum.next();
            Attributes attrs = result.getAttributes();
            System.out.println(attrs.get("cn"));
        }
        namingEnum.close();
    } catch (Exception e) {
        e.printStackTrace();
    }

    private SearchControls getSimpleSearchControls() {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setTimeLimit(30000);
        //String[] attrIDs = {"objectGUID"};
        //searchControls.setReturningAttributes(attrIDs);
        return searchControls;
    }

Another approach uses UnboundID. Its API is very readable and shorter.

Create an LDAP connection

    public static LDAPConnection getConnection() throws LDAPException {
        // host, port, username and password
        return new LDAPConnection("com.example.local", 389, "[email protected]", "admin");
    }

Get the filter result

    public static List<SearchResultEntry> getResults(LDAPConnection connection, String baseDN, String filter) throws LDAPSearchException {
        SearchResult searchResult;

        if (connection.isConnected()) {
            // One-level search below baseDN with the given filter
            searchResult = connection.search(baseDN, SearchScope.ONE, filter);
            return searchResult.getSearchEntries();
        }

        return null;
    }

Get all organizational units and containers

    String baseDN = "DC=com,DC=example,DC=local";
    String filter = "(&(|(objectClass=organizationalUnit)(objectClass=container)))";

    LDAPConnection connection = getConnection();
    List<SearchResultEntry> results = getResults(connection, baseDN, filter);

Get a specific organizational unit

    String baseDN = "DC=com,DC=example,DC=local";
    String dn = "CN=Users,DC=com,DC=example,DC=local";

    String filterFormat = "(&(|(objectClass=organizationalUnit)(objectClass=container))(distinguishedName=%s))";
    String filter = String.format(filterFormat, dn);

    LDAPConnection connection = getConnection();
    List<SearchResultEntry> results = getResults(connection, baseDN, filter);

Get all users under an organizational unit

    String baseDN = "CN=Users,DC=com,DC=example,DC=local";
    String filter = "(&(objectClass=user)(!(objectCategory=computer)))";

    LDAPConnection connection = getConnection();
    List<SearchResultEntry> results = getResults(connection, baseDN, filter);

Get a specific user under an organizational unit

    String baseDN = "CN=Users,DC=com,DC=example,DC=local";
    String userDN = "CN=abc,CN=Users,DC=com,DC=example,DC=local";

    String filterFormat = "(&(objectClass=user)(distinguishedName=%s))";
    String filter = String.format(filterFormat, userDN);

    LDAPConnection connection = getConnection();
    List<SearchResultEntry> results = getResults(connection, baseDN, filter);

Display the result

    for (SearchResultEntry e : results) {
        System.out.println("name: " + e.getAttributeValue("name"));
    }
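The filters above are built by inserting a DN into a filter string with `String.format`. When that value is not a fixed literal, it has to be escaped per RFC 4515 first, otherwise a DN containing a backslash, parentheses or an asterisk changes or breaks the filter. The following is an added example, not part of the original answer; it uses only the JDK, the class and method names are hypothetical, and the second DN is a constructed sample.

```java
public class LdapFilterEscape {

    // Escape one assertion value for an LDAP search filter (RFC 4515):
    // backslash, '*', '(', ')' and NUL become a backslash plus two hex digits.
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\': out.append("\\5c"); break;
                case '*':  out.append("\\2a"); break;
                case '(':  out.append("\\28"); break;
                case ')':  out.append("\\29"); break;
                case '\0': out.append("\\00"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Same filter shape as "get a specific user", value escaped before insertion.
    static String userFilter(String userDN) {
        return "(&(objectClass=user)(distinguishedName="
                + escapeFilterValue(userDN) + "))";
    }

    // Same filter shape as "get a specific organizational unit".
    static String unitFilter(String dn) {
        return "(&(|(objectClass=organizationalUnit)(objectClass=container))"
                + "(distinguishedName=" + escapeFilterValue(dn) + "))";
    }

    public static void main(String[] args) {
        // DN from the answer: contains no special characters, so it is unchanged.
        System.out.println(userFilter("CN=abc,CN=Users,DC=com,DC=example,DC=local"));

        // Constructed sample: a DN with an escaped comma and parentheses.
        // The backslash and both parentheses must be hex-escaped in the filter.
        String dn = "CN=Doe\\, John (Contractor),CN=Users,DC=com,DC=example,DC=local";
        System.out.println(userFilter(dn));
        System.out.println(unitFilter(dn));
    }
}
```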

You can also use the following code:

    package com.agileinfotech.bsviewer.ldap;

    import java.util.Hashtable;
    import java.util.ResourceBundle;

    import javax.naming.Context;
    import javax.naming.NamingException;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;

    public class LDAPLoginAuthentication {

        public LDAPLoginAuthentication() {
            // TODO Auto-generated constructor
        }

        ResourceBundle resBundle = ResourceBundle.getBundle("settings");

        @SuppressWarnings("unchecked")
        public String authenticateUser(String username, String password) {
            String strUrl = "success";
            Hashtable env = new Hashtable(11);
            boolean b = false;
            // Bind DN: cn=<username>,<UserSearch base from settings>
            String Securityprinciple = "cn=" + username + "," + resBundle.getString("UserSearch");
            env.put(Context.INITIAL_CONTEXT_FACTORY, resBundle.getString("InitialContextFactory"));
            env.put(Context.PROVIDER_URL, resBundle.getString("Provider_url"));
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, Securityprinciple);
            env.put(Context.SECURITY_CREDENTIALS, password);

            try {
                // Create initial context
                DirContext ctx = new InitialDirContext(env);
                // Close the context when we're done
                b = true;
                ctx.close();
            } catch (NamingException e) {
                b = false;
            } finally {
                if (b) {
                    strUrl = "success";
                } else {
                    strUrl = "failer";
                }
            }
            return strUrl;
        }
    }