從JAVA應用程序檢查LDAP上的用戶密碼

Question

我從未使用過LDAP。 我必須編寫一個JAVA類，以檢查用戶提供的密碼是否正確。 用戶/密碼存儲在WSO2IS的LDAP服務器中。 這是配置：

<UserManager>
<Realm>
    <Configuration>
    <AddAdmin>true</AddAdmin>
            <AdminRole>admin</AdminRole>
            <AdminUser>
                 <UserName>admin</UserName>
                 <Password>admin</Password>
            </AdminUser>
        <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
        <Property name="dataSource">jdbc/WSO2CarbonDB</Property>
        <Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder</Property>
    </Configuration>

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
        <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
        <Property name="ConnectionURL">ldap://localhost:10389</Property>
        <Property name="Disabled">false</Property>                       
        <Property name="ConnectionName">uid=admin,ou=system</Property>
        <Property name="ConnectionPassword">admin</Property>
        <Property name="passwordHashMethod">SHA</Property>
        <Property name="UserNameListFilter">(objectClass=person)</Property>
    <Property name="UserEntryObjectClass">identityPerson</Property>
        <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
        <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
        <Property name="UserNameAttribute">uid</Property>
    <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
        <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
    <Property name="ReadGroups">true</Property>
    <Property name="WriteGroups">true</Property>
    <Property name="EmptyRolesAllowed">false</Property>
        <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
        <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
        <Property name="GroupEntryObjectClass">groupOfNames</Property>
        <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
        <Property name="GroupNameAttribute">cn</Property>
        <Property name="SharedGroupNameAttribute">cn</Property>
        <Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
        <Property name="SharedGroupEntryObjectClass">groupOfNames</Property>
        <Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
        <Property name="SharedGroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
        <Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
        <Property name="SharedTenantNameAttribute">ou</Property>
        <Property name="SharedTenantObjectClass">organizationalUnit</Property>
        <Property name="MembershipAttribute">member</Property>
        <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
        <Property name="MaxRoleNameListLength">100</Property>
        <Property name="MaxUserNameListLength">100</Property>
        <Property name="SCIMEnabled">false</Property>
    </UserStoreManager>

    <AuthorizationManager
        class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
        <Property name="AdminRoleManagementPermissions">/permission</Property>
    <Property name="AuthorizationCacheEnabled">true</Property>
    </AuthorizationManager>
</Realm>

你能幫我么？。 我不知道從哪里開始。 謝謝。

Answer 1

您需要使用某些身份驗證API檢查用戶的用戶名/密碼。 有一個稱為RemoteUserStoreManagerService Web服務服務，可用於驗證用戶/用戶密碼。 此API也可用於管理LDAP中的用戶。 您可以添加/更新/刪除LDAP用戶。 有關API的更多詳細信息，可以從此處通過簡單的Java客戶端調用此API來找到