More about Directory Server and OpenDS Margin Notes

Monday Aug 17, 2009

You can access LDAP through Python, but what about Java applications? As mentioned earlier, JNDI technology supports directory access from Java applications, and is part of the Java platform.

You are probably writing a web-facing application that sits in an application server like GlassFish. I wrote a quick and dirty web application (zipped here) that does authentication and searches in much the same way as the Python code. I had already installed OpenDS SE 2.0, and imported Example.ldif for the data. Here is the top page.

[Screenshot: ready to authenticate]

Using the hint, I authenticated as bjensen.

[Screenshot: successful auth]

Here's the relevant JSP code.

        <h2>LDAP Authentication Results</h2>
        <p>Return to <a href="index.jsp">top page</a>.</p><hr />
        <%
        String user = request.getParameter("user");
        String password = request.getParameter("password");

        String filter = "(|(uid=" + user + ")" + "(mail=" + user + "@*))";
        String cliEquiv = "<tt>ldapsearch -h " + server + " -p " +
                port + " -b " + basedn + " \"" + filter + "\"</tt></p>";
        %>
        <p>Equivalent command line:<br /><%= cliEquiv%><hr />
        <%
        // Connect to the LDAP server.
        Hashtable env = new Hashtable(11);
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://" + server + ":" + port + "/");

        // Search and retrieve DN.
        try {
            LdapContext ldap = new InitialLdapContext(env, null);
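            // Pass the user name as a filter argument ({0}) so that JNDI
            // escapes filter metacharacters such as * ( ) \ in the input.
            NamingEnumeration results = ldap.search(basedn,
                    "(|(uid={0})(mail={0}@*))", new Object[] {user}, null);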
            String binddn = "None";
            while (results.hasMore()) {
                SearchResult sr = (SearchResult) results.next();
                binddn = sr.getName() + "," + basedn;
            }
        %>
        <p>Bind DN found: <%= binddn%><hr /></p>
        <%
            ldap.close();

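            // Authenticate by binding as the DN found above.
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, binddn);
            env.put(Context.SECURITY_CREDENTIALS, password);

            // The bind happens when the context is created; close it afterwards.
            ldap = new InitialLdapContext(env, null);
            ldap.close();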
        %>
        <p>Successful authentication for <%= user%>.</p>
        <%
        } catch (AuthenticationException ae) {
            ae.printStackTrace();
        %>
        <p>Failed authentication for <%= user%>.</p>
        <%
        } catch (NamingException e) {
            e.printStackTrace();
        }
        %>
        <hr /><p>Return to <a href="index.jsp">top page</a>.</p>
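
The same search-then-bind flow as a reusable method, hardened: the user name is passed as a filter argument, an empty password is refused, and exactly one matching entry is required. This is an added example, not code from the original post or the zipped application; the class name `LdapAuth` and the method `authenticate` are hypothetical.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;

public final class LdapAuth {
    /** Returns the DN that authenticated, or null if authentication failed. */
    public static String authenticate(String url, String baseDn, String user,
            String password) throws NamingException {
        // A simple bind with an empty password is an unauthenticated bind
        // (RFC 4513, section 5.1.2) and can succeed, so refuse it up front.
        if (user == null || user.isEmpty()
                || password == null || password.isEmpty()) {
            return null;
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url); // with ldaps:// the password is not sent in clear

        SearchControls sc = new SearchControls(); // default scope: one level below baseDn
        sc.setReturningAttributes(new String[0]); // only the DN is needed
        String bindDn = null;
        LdapContext ldap = new InitialLdapContext(env, null);
        try {
            // JNDI substitutes {0} and escapes *, (, ) and \ in the argument,
            // so the input stays a literal value inside the filter.
            NamingEnumeration<SearchResult> results = ldap.search(baseDn,
                    "(|(uid={0})(mail={0}@*))", new Object[] {user}, sc);
            while (results.hasMore()) {
                if (bindDn != null) {
                    return null; // more than one entry matched: ambiguous, reject
                }
                bindDn = results.next().getNameInNamespace(); // full DN of the entry
            }
        } finally {
            ldap.close();
        }
        if (bindDn == null) {
            return null; // no such user
        }
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            new InitialLdapContext(env, null).close(); // the bind happens here
            return bindDn;
        } catch (AuthenticationException ae) {
            return null; // wrong password
        }
    }
}
```
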

Searches are even simpler.

[Screenshot: ready to search]

This returns a page with all the users having jensen in their name.

[Screenshot: search success]

The relevant JSP code for this one follows.

        <h2>LDAP Search Results</h2>
        <p>Return to <a href="index.jsp">top page</a>.</p><hr />
        <%
        String name = request.getParameter("name");

        String filter = "(|(cn=*" + name + "*)" + "(sn=*" + name + "*))";
        String cliEquiv = "<tt>ldapsearch -h " + server + " -p " +
                port + " -b " + basedn + " \"" + filter + "\"</tt></p>";
        %>
        <p>Equivalent command line:<br /><%= cliEquiv%><hr />
        <%
        // Connect to the LDAP server.
        Hashtable env = new Hashtable(11);
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://" + server + ":" + port + "/");

        // Search for entries and display results.
        try {
            LdapContext ldap = new InitialLdapContext(env, null);
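            // Pass the search term as a filter argument ({0}) so that JNDI
            // escapes filter metacharacters such as * ( ) \ in the input.
            NamingEnumeration results = ldap.search(basedn,
                    "(|(cn=*{0}*)(sn=*{0}*))", new Object[] {name}, null);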
        %>
        <pre>
        <%
            String noresult = "";
            if (!results.hasMoreElements()) noresult = "No results found.";
        %>
<%= noresult %><%
            while (results.hasMore()) {
                SearchResult sr = (SearchResult) results.next();
                Attributes attrs = sr.getAttributes();
                Attribute uid = attrs.get("uid");
                Attribute mail = attrs.get("mail");
        %>
DN   : <%= sr.getName() + "," + basedn%>
Uid  : <%= uid%>
Email: <%= mail%>
        <%
            }
            ldap.close();
        } catch (NamingException e) {
            e.printStackTrace();
        }
        %>
        </pre>
Comments:

Thanks. I saved the entire page by Greasemonkey. But the link to zipped web application is broken.

Posted by Katsumi INOUE on August 18, 2009 at 04:00 AM CEST #

Thank you for catching that.

It looks like Roller was converting spaces in the name to '+' instead of '%20'.

I fixed the link, which is http://blogs.sun.com/marginNotes/resource/java/LDAP%20Basics%20With%20Java.zip

Posted by Mark Craig on August 18, 2009 at 08:43 AM CEST #
