Establishing LDAP Connection with Java
I'm trying to establish an LDAP connection in Java using a function that returns an LdapContext and takes parameters for username, password, domain name, and server. Unclear on what these parameters should look like.
I'm attempting to connect to this read-only LDAP test server.
http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
And the getConnection method I'm using is derived from the Active Directory class I have found here.
http://www.javaxt.com/wiki/Tutorials/Windows/How_to_Authenticate_Users_with_Active_Directory
Currently, I am trying getConnection("tesla", "password", "cn=read-only-admin,dc=example,dc=com", "ldap.forumsys.com:389"), and this is not working. I have tried switching around domain and server, as well as tried "read-only-admin.example.com" instead of "cn=...".
getConnection function

    public static LdapContext getConnection(String username, String password, String domainName, String serverName) throws NamingException {
        if (domainName==null){
            try{
                String fqdn = java.net.InetAddress.getLocalHost().getCanonicalHostName();
                if (fqdn.split("\\.").length>1) domainName = fqdn.substring(fqdn.indexOf(".")+1);
            }
            catch(java.net.UnknownHostException e){}
        }
        //System.out.println("Authenticating " + username + "@" + domainName + " through " + serverName);
        if (password!=null){
            password = password.trim();
            if (password.length()==0) password = null;
        }
        //bind by using the specified username/password
        Hashtable props = new Hashtable();
        String principalName = username + "@" + domainName;
        props.put(Context.SECURITY_PRINCIPAL, principalName);
        if (password!=null) props.put(Context.SECURITY_CREDENTIALS, password);
        String ldapURL = "ldap://" + ((serverName==null)? domainName : serverName + "." + domainName) + '/';
        props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        props.put(Context.PROVIDER_URL, ldapURL);
        try{
            return new InitialLdapContext(props, null);
        }
        catch(javax.naming.CommunicationException e){
            throw new NamingException("Failed to connect to " + domainName + ((serverName==null)? "" : " through " + serverName));
        }
        catch(NamingException e){
            throw new NamingException("Failed to authenticate " + username + "@" + domainName + ((serverName==null)? "" : " through " + serverName));
        }
    }
My attempt to connect

    try{
        LdapContext ctx = ActiveDirectory.getConnection("tesla", "password", "cn=read-only-admin,dc=example,dc=com", "ldap.forumsys.com:389");
        ctx.close();
    }
    catch(Exception e){
        //Failed to authenticate user!
    }
It catches the exception "javax.naming.CommunicationException".
The problem is that you are trying to use a non-standard username to authenticate (which works with AD but not with OpenLDAP).

    String principalName = username + "@" + domainName;
    props.put(Context.SECURITY_PRINCIPAL, principalName);
With OpenLDAP and as illustrated in the tutorial, the principalName should be

    uid=tesla,dc=example,dc=com
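Added example, not part of the original answer or of the JavaXT class: a simple bind that uses the full DN as the principal and keeps the base DN out of the provider URL. The class name `LdapDnBind`, the helpers `bindEnv` and `connect`, and the `--connect` switch are hypothetical; the DN, host and password are the test-server values quoted above.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.Rdn;

public class LdapDnBind {

    // Hypothetical helper: JNDI environment for a simple bind with a full DN.
    static Hashtable<String, Object> bindEnv(String uid, String baseDn,
                                             String password, String hostPort) {
        // An empty password turns a simple bind into an RFC 4513 "unauthenticated"
        // bind, which some servers accept, so refuse it instead of passing it on.
        if (password == null || password.trim().isEmpty()) {
            throw new IllegalArgumentException("empty password refused");
        }
        // Escape the caller-supplied value so it cannot change the DN structure.
        String principal = "uid=" + Rdn.escapeValue(uid) + "," + baseDn;

        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // Host and port only: the DN belongs in the principal, not in the host name.
        env.put(Context.PROVIDER_URL, "ldap://" + hostPort + "/");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return env;
    }

    static LdapContext connect(String uid, String baseDn, String password,
                               String hostPort) throws NamingException {
        return new InitialLdapContext(bindEnv(uid, baseDn, password, hostPort), null);
    }

    public static void main(String[] args) throws NamingException {
        Hashtable<String, Object> env =
            bindEnv("tesla", "dc=example,dc=com", "password", "ldap.forumsys.com:389");
        System.out.println(env.get(Context.SECURITY_PRINCIPAL));
        System.out.println(env.get(Context.PROVIDER_URL));
        if (args.length > 0 && args[0].equals("--connect")) { // needs network access
            LdapContext ctx = connect("tesla", "dc=example,dc=com", "password",
                                      "ldap.forumsys.com:389");
            ctx.close();
        }
    }
}
```

A simple bind over `ldap://` on port 389 sends the password unencrypted, so outside a public test server the same environment should point at an `ldaps://` URL or use StartTLS.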