Idap AD 验证用户名和密码
import java.util.HashMap;?
import java.util.Hashtable;?
import java.util.Map;?
import javax.naming.Context;?
import javax.naming.NamingEnumeration;?
import javax.naming.NamingException;?
import javax.naming.directory.Attribute;?
import javax.naming.directory.Attributes;?
import javax.naming.directory.SearchControls;?
import javax.naming.directory.SearchResult;?
import javax.naming.ldap.InitialLdapContext;?
import javax.naming.ldap.LdapContext;?
public class ADAuthenticator {
???
??private String domain;?
??private String ldapHost;?
??private String searchBase;?
??public ADAuthenticator()?
?? {?
?? this.domain = "rd.**.com";?
????? this.ldapHost = "ldap://**.rd.**.com";?
?????? this.searchBase = "dc=rd,dc=ge**,dc=com";?
???? }?
?????
???? public ADAuthenticator(String domain, String host, String dn)?
???? {?
?????? this.domain = domain;?
?????? this.ldapHost = host;?
?????? this.searchBase = dn;?
???? }?
?????
???? public Map authenticate(String user, String pass)?
???? {?
?????? String returnedAtts[] ={ "sn", "givenName", "mail" };?
?????? String searchFilter = "(&(objectClass=user)(sAMAccountName=" + user + "))";?
?????
?????? //Create the search controls?
?????? SearchControls searchCtls = new SearchControls();?
?????? searchCtls.setReturningAttributes(returnedAtts);?
?????
?????? //Specify the search scope?
?????? searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);?
?????
?????? Hashtable env = new Hashtable();?
?????? env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");?
?????? env.put(Context.PROVIDER_URL, ldapHost);?
?????? env.put(Context.SECURITY_AUTHENTICATION, "simple");?
?????? env.put(Context.SECURITY_PRINCIPAL, user + "@" + domain);?
?????? env.put(Context.SECURITY_CREDENTIALS, pass);?
?????
?????? LdapContext ctxGC = null;?
?????
?????? try
?????? {?
???????? ctxGC = new InitialLdapContext(env, null);?
???????? //Search objects in GC using filters?
???????? NamingEnumeration answer = ctxGC.search(searchBase, searchFilter, searchCtls);?
???????? while (answer.hasMoreElements())?
???????? {?
?????????? SearchResult sr = (SearchResult) answer.next();?
?????????? Attributes attrs = sr.getAttributes();?
?????????? Map amap = null;?
?????????? if (attrs != null)?
?????????? {?
???????????? amap = new HashMap();?
???????????? NamingEnumeration ne = attrs.getAll();?
???????????? while (ne.hasMore())?
???????????? {?
?????????????? Attribute attr = (Attribute) ne.next();?
?????????????? amap.put(attr.getID(), attr.get());?
???????????? }?
???????????? ne.close();?
?????????? }?
???????????? return amap;?
???????? }?
?????? }?
?????? catch (NamingException ex)?
?????? {?
???????? ex.printStackTrace();?
?????? }?
?????
?????? return null;?
???? }?
?
?
?/**
? * @param args
? */
?public static void main(String[] args) {
??// TODO Auto-generated method stub
??
??
??String tdomain = "rd.**.com";
??String tidaphost = "ldap://a***.rd.**.com";
??String tsearchbase = "dc=rd,dc=ge***,dc=com";
??ADAuthenticator ada = new ADAuthenticator(tdomain,tidaphost , tsearchbase);
??String user = "username";
??String pwd = "12345678";
??Map umap = ada.authenticate(user, pwd);
???if (umap == null)
???System.out.println("login failed");
???else {
???System.out.println("fsdklajfdalskjfjsaklfj");
???}
?}
}
