从JAVA应用程序检查LDAP上的用户密码

Question

我从未使用过LDAP。 我必须编写一个JAVA类，以检查用户提供的密码是否正确。 用户/密码存储在WSO2IS的LDAP服务器中。 这是配置：

<UserManager>
<Realm>
    <Configuration>
    <AddAdmin>true</AddAdmin>
            <AdminRole>admin</AdminRole>
            <AdminUser>
                 <UserName>admin</UserName>
                 <Password>admin</Password>
            </AdminUser>
        <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
        <Property name="dataSource">jdbc/WSO2CarbonDB</Property>
        <Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder</Property>
    </Configuration>

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
        <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
        <Property name="ConnectionURL">ldap://localhost:10389</Property>
        <Property name="Disabled">false</Property>                       
        <Property name="ConnectionName">uid=admin,ou=system</Property>
        <Property name="ConnectionPassword">admin</Property>
        <Property name="passwordHashMethod">SHA</Property>
        <Property name="UserNameListFilter">(objectClass=person)</Property>
    <Property name="UserEntryObjectClass">identityPerson</Property>
        <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
        <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
        <Property name="UserNameAttribute">uid</Property>
    <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
        <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
    <Property name="ReadGroups">true</Property>
    <Property name="WriteGroups">true</Property>
    <Property name="EmptyRolesAllowed">false</Property>
        <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
        <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
        <Property name="GroupEntryObjectClass">groupOfNames</Property>
        <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
        <Property name="GroupNameAttribute">cn</Property>
        <Property name="SharedGroupNameAttribute">cn</Property>
        <Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
        <Property name="SharedGroupEntryObjectClass">groupOfNames</Property>
        <Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
        <Property name="SharedGroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
        <Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
        <Property name="SharedTenantNameAttribute">ou</Property>
        <Property name="SharedTenantObjectClass">organizationalUnit</Property>
        <Property name="MembershipAttribute">member</Property>
        <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
        <Property name="MaxRoleNameListLength">100</Property>
        <Property name="MaxUserNameListLength">100</Property>
        <Property name="SCIMEnabled">false</Property>
    </UserStoreManager>

    <AuthorizationManager
        class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
        <Property name="AdminRoleManagementPermissions">/permission</Property>
    <Property name="AuthorizationCacheEnabled">true</Property>
    </AuthorizationManager>
</Realm>

你能帮我么？。 我不知道从哪里开始。 谢谢。

Answer 1

您需要使用某些身份验证API检查用户的用户名/密码。 有一个称为RemoteUserStoreManagerService Web服务服务，可用于验证用户/用户密码。 此API也可用于管理LDAP中的用户。 您可以添加/更新/删除LDAP用户。 有关API的更多详细信息，可以从此处通过简单的Java客户端调用此API来找到