证书的生成方法可以参考这篇文章:https://blog.csdn.net/woloqun/article/details/90212376
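将 LDAPS 服务器的证书复制到客户端,并导入客户端 JDK 的信任库(cacerts),这样 JVM 建立 ldaps 连接时才能验证并信任该服务器证书。导入时 keytool 会显示证书信息并询问是否信任,应先核对指纹与服务器证书一致再确认;注意 cacerts 对使用该 JRE 的所有 Java 程序生效。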
# Import the LDAPS server certificate into this JDK's default truststore under the alias "apacheds".
# keytool prints the certificate and asks for confirmation; compare the fingerprint with the
# server's certificate before answering yes.
keytool -import \
  -file apacheds.cer \
  -alias apacheds \
  -keystore /Library/Java/JavaVirtualMachines/jdk1.8.0_191.jdk/Contents/Home/jre/lib/security/cacerts
常用操作
# Remove the "apacheds" entry from the truststore.
keytool -delete \
  -alias apacheds \
  -keystore /Library/Java/JavaVirtualMachines/jdk1.8.0_191.jdk/Contents/Home/jre/lib/security/cacerts
# List the truststore entries to check which certificates are currently trusted.
keytool -list \
  -keystore /Library/Java/JavaVirtualMachines/jdk1.8.0_191.jdk/Contents/Home/jre/lib/security/cacerts
测试代码
package util;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
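/**
 * Test client that connects to an ApacheDS server over LDAPS through JNDI.
 *
 * <p>The TLS handshake only succeeds when the server certificate is trusted by the JVM's
 * truststore; no trust settings are configured in this class.
 */
public class LDAPAuthentication {
    private static final String URL = "ldaps://hhz.apacheds:10636";
    private static final String BASEDN = "dc=hhz,dc=hadoop"; // adjust to your own directory
    private static final String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    private static final String PEOPLE_DN = "ou=people," + BASEDN;

    // NOTE(review): hard-coded admin bind DN and password (they match the ApacheDS
    // out-of-the-box admin account). Acceptable only for a local test: real code should bind
    // with a least-privileged account and read the secret from configuration or a secret store.
    private static final String ADMIN_DN = "uid=admin,ou=system"; // root entry, adjust as needed
    private static final String ADMIN_PASSWORD = "secret";

    private LdapContext ctx = null;
    private final Control[] connCtls = null;

    /**
     * Builds the JNDI environment for a simple (DN + password) bind as the administrator.
     *
     * @param providerUrl LDAP URL to connect to
     * @return the environment to hand to an initial context constructor
     */
    private static Hashtable<String, String> bindEnvironment(String providerUrl) {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, providerUrl);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, ADMIN_DN);
        env.put(Context.SECURITY_CREDENTIALS, ADMIN_PASSWORD);
        return env;
    }

    /** Closes a context if it was opened, reporting (not propagating) a failure to close. */
    private static void closeQuietly(Context context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }

    /**
     * Binds to the directory as the administrator and reports whether authentication worked.
     * The context is always closed before returning. Not invoked by {@link #main}.
     */
    private void LDAP_connect() {
        // The base DN is the path part of an LDAP URL, so it must be separated from
        // host:port by "/"; plain concatenation would glue it onto the port number.
        Hashtable<String, String> env = bindEnvironment(URL + "/" + BASEDN);
        try {
            ctx = new InitialLdapContext(env, connCtls);
            System.out.println("认证成功");
            System.out.println(ctx);
        } catch (javax.naming.AuthenticationException e) {
            System.out.println("认证失败:");
            e.printStackTrace();
        } catch (Exception e) {
            System.out.println("认证出错:");
            e.printStackTrace();
        } finally {
            closeQuietly(ctx);
            ctx = null; // do not keep a reference to a closed context
        }
    }

    public static void main(String[] args) {
        readLdap();
    }

    /**
     * Lists the entries directly under {@code ou=people} and prints, for each one, the value of
     * its relative name (the text after the first {@code =}) and its full name in the namespace.
     * Nothing is printed when connecting or listing fails; the failure's stack trace is printed
     * instead.
     */
    public static void readLdap() {
        DirContext dirCtx;
        try {
            dirCtx = new InitialDirContext(bindEnvironment(URL));
        } catch (NamingException e) {
            e.printStackTrace();
            return;
        }

        Map<String, String> entries = new HashMap<String, String>();
        NamingEnumeration<NameClassPair> children = null;
        try {
            children = dirCtx.list(PEOPLE_DN);
            while (children.hasMore()) {
                NameClassPair child = children.next();
                String name = child.getName();
                int separator = name.indexOf('=');
                // Names without "=" are skipped.
                if (separator != -1) {
                    entries.put(name.substring(separator + 1), child.getNameInNamespace());
                }
            }
        } catch (NamingException e) {
            e.printStackTrace();
            return;
        } finally {
            // Runs on the failure path too, so the connection is released even when listing fails.
            if (children != null) {
                try {
                    children.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
            closeQuietly(dirCtx);
        }

        for (Map.Entry<String, String> entry : entries.entrySet()) {
            System.out.println("Key:" + entry.getKey());
            System.out.println("Value:" + entry.getValue());
        }
    }
}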
输出:
Key:leo
Value:uid=leo,ou=people,dc=hhz,dc=hadoop