如何查詢Ldap以獲取結果中的用戶屬性並將其用於JSF2.0表單的自動填充

Question

有人可以指導/幫助我使用JNDI與Glassfish v3.1.2建立LDAP連接。 我在這個主題上用Google搜索，只是發現有人在Glassfish中設置並使用ldap對用戶進行身份驗證。 而我需要獲取用戶數據，這些數據將顯示在我的JSF表單上，並在這些表單上創建新整體時自動完成。

我有點困惑。 Glassfish中的Ldap連接是否僅用於身份驗證和設置領域？

好的，我在搜索方法時發現了一些東西。 但是我極其有限的知識仍然阻礙着我的進步。

所以這是我在http://www.myjeeva.com/2012/05/querying-active-directory-using-java/上找到的代碼

活動目錄

/**
 * The MIT License
 *
 * Copyright (c) 2010-2012 www.myjeeva.com
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE. 
 * 
 */
package com.LdapSearchDaoBean;

import java.util.Properties;
import java.util.logging.Logger;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/**
 * Query Active Directory using Java
 * 
 * @filename ActiveDirectory.java
 * @author <a href="mailto:jeeva@myjeeva.com">Jeevanandam Madanagopal</a>
 * @copyright &copy; 2010-2012 www.myjeeva.com
 */
public class ActiveDirectory {
    // Logger
    private static final Logger LOG = Logger.getLogger(ActiveDirectory.class.getName());

    //required private variables   
    private Properties properties;
    private DirContext dirContext;
    private SearchControls searchCtls;
    private String[] returnAttributes = { "sAMAccountName", "givenName", "cn", "mail" };
    private String domainBase;
    private String baseFilter = "(&((&(objectCategory=Person)(objectClass=User)))";

    /**
     * constructor with parameter for initializing a LDAP context
     * 
     * @param username a {@link java.lang.String} object - username to establish a LDAP connection
     * @param password a {@link java.lang.String} object - password to establish a LDAP connection
     * @param domainController a {@link java.lang.String} object - domain controller name for LDAP connection
     */
    public ActiveDirectory(String username, String password, String domainController) {
        properties = new Properties();        

        properties.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put(Context.PROVIDER_URL, "LDAP://" + domainController);
        properties.put(Context.SECURITY_PRINCIPAL, username + "@" + domainController);
        properties.put(Context.SECURITY_CREDENTIALS, password);

        //initializing active directory LDAP connection
        try {
            dirContext = new InitialDirContext(properties);
        } catch (NamingException e) {
            LOG.severe(e.getMessage());
        }

        //default domain base for search
        domainBase = getDomainBase(domainController);

        //initializing search controls
        searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchCtls.setReturningAttributes(returnAttributes);
    }

    /**
     * search the Active directory by username/email id for given search base
     * 
     * @param searchValue a {@link java.lang.String} object - search value used for AD search for eg. username or email
     * @param searchBy a {@link java.lang.String} object - scope of search by username or by email id
     * @param searchBase a {@link java.lang.String} object - search base value for scope tree for eg. DC=myjeeva,DC=com
     * @return search result a {@link javax.naming.NamingEnumeration} object - active directory search result
     * @throws NamingException
     */
    public NamingEnumeration<SearchResult> searchUser(String searchValue, String searchBy, String searchBase) throws NamingException {
        String filter = getFilter(searchValue, searchBy);       
        String base = (null == searchBase) ? domainBase : getDomainBase(searchBase); // for eg.: "DC=myjeeva,DC=com";

        return this.dirContext.search(base, filter, this.searchCtls);
    }

    /**
     * closes the LDAP connection with Domain controller
     */
    public void closeLdapConnection(){
        try {
            if(dirContext != null)
                dirContext.close();
        }
        catch (NamingException e) {
            LOG.severe(e.getMessage());            
        }
    }

    /**
     * active directory filter string value
     * 
     * @param searchValue a {@link java.lang.String} object - search value of username/email id for active directory
     * @param searchBy a {@link java.lang.String} object - scope of search by username or email id
     * @return a {@link java.lang.String} object - filter string
     */
    private String getFilter(String searchValue, String searchBy) {
        String filter = this.baseFilter;        
        if(searchBy.equals("email")) {
            filter += "(mail=" + searchValue + "))";
        } else if(searchBy.equals("username")) {
            filter += "(samaccountname=" + searchValue + "))";
        }
        return filter;
    }

    /**
     * creating a domain base value from domain controller name
     * 
     * @param base a {@link java.lang.String} object - name of the domain controller
     * @return a {@link java.lang.String} object - base name for eg. DC=myjeeva,DC=com
     */
    private static String getDomainBase(String base) {
        char[] namePair = base.toUpperCase().toCharArray();
        String dn = "DC=";
        for (int i = 0; i < namePair.length; i++) {
            if (namePair[i] == '.') {
                dn += ",DC=" + namePair[++i];
            } else {
                dn += namePair[i];
            }
        }
        return dn;
    }
}

樣本使用代碼

/**
 * The MIT License
 *
 * Copyright (c) 2010-2012 www.myjeeva.com
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE. 
 * 
 */
package com.LdapSearchDaoBean;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;

import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchResult;

/**
 * Sample program how to use ActiveDirectory class in Java
 * 
 * @filename SampleUsageActiveDirectory.java
 * @author <a href="mailto:jeeva@myjeeva.com">Jeevanandam Madanagopal</a>
 * @copyright &copy; 2010-2012 www.myjeeva.com
 */
public class SampleUsageActiveDirectory {

    /**
     * @param args
     * @throws NamingException 
     */
    public static void main(String[] args) throws NamingException, IOException {
        System.out.println("\n\nQuerying Active Directory Using Java");
        System.out.println("------------------------------------");
        String domain = "";
        String username = "";
        String password = "";
        String choice = "";
        String searchTerm = "";
        BufferedReader br = new BufferedReader(new InputStreamReader(System.in));

        System.out.println("Provide username & password for connecting AD");
        System.out.println("Enter Domain:");            
        domain = br.readLine();
        System.out.println("Enter username:");          
        username = br.readLine();           
        System.out.println("Enter password:");
        password = br.readLine();
        System.out.println("Search by username or email:");
        choice = br.readLine();
        System.out.println("Enter search term:");
        searchTerm = br.readLine();

        //Creating instance of ActiveDirectory
        ActiveDirectory activeDirectory = new ActiveDirectory(username, password, domain);

        //Searching
        NamingEnumeration<SearchResult> result = activeDirectory.searchUser(searchTerm, choice, null);

        if(result.hasMore()) {
            SearchResult rs= (SearchResult)result.next();
            Attributes attrs = rs.getAttributes();
            String temp = attrs.get("samaccountname").toString();
            System.out.println("Username    : " + temp.substring(temp.indexOf(":")+1));
            temp = attrs.get("givenname").toString();
            System.out.println("Name         : " + temp.substring(temp.indexOf(":")+1));
            temp = attrs.get("mail").toString();
            System.out.println("Email ID    : " + temp.substring(temp.indexOf(":")+1));
            temp = attrs.get("cn").toString();
            System.out.println("Display Name : " + temp.substring(temp.indexOf(":")+1) + "\n\n"); 
        } else  {
            System.out.println("No search result found!");
        }

        //Closing LDAP Connection
        activeDirectory.closeLdapConnection();
    }
}

我試圖在控制台中通過以下輸入使用以上代碼：

Querying Active Directory Using Java
------------------------------------
Provide username & password for connecting AD
Enter Domain:
DC=de,DC=*****,DC=com
Enter username:
************** ( i've hidden username)
Enter password:
************* (i've hidden password)
Search by username or email:
username
Enter search term:
user1

我得到以下錯誤

Apr 12, 2013 10:35:17 AM com.LdapSearchDaoBean.ActiveDirectory <init>
SEVERE: DC=de,DC=*****,DC=com:389
Exception in thread "main" java.lang.NullPointerException
    at com.LdapSearchDaoBean.ActiveDirectory.searchUser(ActiveDirectory.java:101)
    at com.LdapSearchDaoBean.SampleUsageActiveDirectory.main(SampleUsageActiveDirectory.java:75)

如果有人可以為我提供幫助，這可能真是太好了，而我對HowTo以及如何在JSF2.0表單的AutoComplete中實際使用它進行了一些解釋。 我真的迷失了這個話題。 提前致謝。

Answer 1

我遇到了同樣的問題，我無法解決，但也許可以為您解決問題。 當應用程序請求域時，它需要來自活動目錄的IP /地址，例如：“ 10.10.200.1:389”或“ my.activedirectoryurl：389”。

除此之外，該代碼無法正常工作，因為SampleUsageActiveDirectory的第75行中提供了空值，這將始終導致NullPointer-Exception：

NamingEnumeration<SearchResult> result = activeDirectory.searchUser(searchTerm, choice, null);

Answer 2

您遇到的錯誤是，您輸入了AD值。 對於主機名，只需使用真實的AD服務器名稱，例如ad.myserver.com或ip地址。 然后它應該工作。