LDAP学习笔记<四>jldap实现Java对LDAP的基本操作

最新推荐文章于 2022-10-17 14:24:11 发布
最新推荐文章于 2022-10-17 14:24:11 发布
阅读量1.5k 收藏 3
点赞数
分类专栏: LDAP

[一]、概述

jldap 官网:http://www.openldap.org/jldap/

可以从官网下载源编译生成jar包,如果项目是用maven构建的,在pom.xml中增加如下内容即可:

<dependency>
	<groupId>com.novell.ldap</groupId>
	<artifactId>jldap</artifactId>
	<version>4.3</version>
	<type>jar</type>
	<scope>compile</scope>
</dependency>

[二]、基本操作

为了演示基本的操作,需要搭建个LDAP服务,有关openLDAP在windows上的安装配置可参见:http://www.micmiu.com/enterprise-app/sso/openldap-windows-config/ ,我配置好演示用的LDAP基本信息可见客户端截图:

1.查询

java代码:LDAPSearchDemo.java

package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;
import java.util.Enumeration;
import java.util.Iterator;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPAttributeSet;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPSearchResults;
import com.novell.ldap.util.Base64;

/**
 * 查询条目示例 blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPSearchDemo {

	/**
	 *
	 * @param args
	 */
	public static void main(String[] args) {

		String ldapHost = "localhost";
		String loginDN = "cn=Manager,dc=micmiu,dc=com";
		String password = "secret";
		String searchBase = "dc=micmiu,dc=com";
		String searchFilter = "objectClass=*";

		int ldapPort = LDAPConnection.DEFAULT_PORT;
		// 查询范围
		// SCOPE_BASE、SCOPE_ONE、SCOPE_SUB、SCOPE_SUBORDINATESUBTREE
		int searchScope = LDAPConnection.SCOPE_SUB;

		LDAPConnection lc = new LDAPConnection();
		try {
			lc.connect(ldapHost, ldapPort);
			lc.bind(LDAPConnection.LDAP_V3, loginDN, password.getBytes("UTF8"));
			LDAPSearchResults searchResults = lc.search(searchBase,
					searchScope, searchFilter, null, false);

			while (searchResults.hasMore()) {
				LDAPEntry nextEntry = null;
				try {
					nextEntry = searchResults.next();
				} catch (LDAPException e) {
					System.out.println("Error: " + e.toString());
					if (e.getResultCode() == LDAPException.LDAP_TIMEOUT
							|| e.getResultCode() == LDAPException.CONNECT_ERROR) {
						break;
					} else {
						continue;
					}
				}
				System.out.println("DN =: " + nextEntry.getDN());
				System.out.println("|---- Attributes list: ");
				LDAPAttributeSet attributeSet = nextEntry.getAttributeSet();
				Iterator<LDAPAttribute> allAttributes = attributeSet.iterator();
				while (allAttributes.hasNext()) {
					LDAPAttribute attribute = allAttributes.next();
					String attributeName = attribute.getName();

					Enumeration<String> allValues = attribute.getStringValues();
					if (null == allValues) {
						continue;
					}
					while (allValues.hasMoreElements()) {
						String value = allValues.nextElement();
						if (!Base64.isLDIFSafe(value)) {
							// base64 encode and then print out
							value = Base64.encode(value.getBytes());
						}
						System.out.println("|---- ---- " + attributeName
								+ " = " + value);
					}
				}
			}

		} catch (LDAPException e) {
			System.out.println("Error: " + e.toString());
		} catch (UnsupportedEncodingException e) {
			System.out.println("Error: " + e.toString());
		} finally {
			try {
				if (lc.isConnected()) {
					lc.disconnect();
				}
			} catch (Exception e) {
				e.printStackTrace();
			}
		}
	}
}

运行结果:

DN =: dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = micmiu
|---- ---- o = Michael Blog
|---- ---- objectClass = domain
|---- ---- objectClass = top
DN =: ou=Developer,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for developer entries
|---- ---- ou = Developer
|---- ---- objectClass = organizationalUnit
DN =: ou=Tester,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for test entries
|---- ---- ou = Tester
|---- ---- objectClass = organizationalUnit
DN =: uid=Michael,ou=Developer,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = Michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = sjsky007@gmail.com
|---- ---- objectClass = inetOrgPerson
DN =: uid=Miumiu,ou=Tester,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = Miumiu
|---- ---- sn = Wu
|---- ---- cn = Miumiu Wu
|---- ---- objectClass = inetOrgPerson
DN =: dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = app1
|---- ---- o = Michael Demo
|---- ---- objectClass = domain
DN =: dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = app2
|---- ---- o = Michael Demo
|---- ---- objectClass = domain
DN =: ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for Demo entries
|---- ---- ou = Developer
|---- ---- ou = Demo
|---- ---- objectClass = organizationalUnit
DN =: ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for Demo entries
|---- ---- ou = Developer
|---- ---- ou = Demo
|---- ---- objectClass = organizationalUnit
DN =: uid=michael,ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = sjsky007@gmail.com
|---- ---- objectClass = inetOrgPerson
DN =: uid=hazel,ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = hazel
|---- ---- sn = Wu
|---- ---- cn = Hazel Wu
|---- ---- objectClass = inetOrgPerson
DN =: uid=michael,ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = sjsky007@gmail.com
|---- ---- objectClass = inetOrgPerson
DN =: uid=hazel,ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = hazel
|---- ---- sn = Wu
|---- ---- cn = Hazel Wu
|---- ---- objectClass = inetOrgPerson

查询结果和客户端查询出的信息一致。

2.添加

java代码:LDAPAddEntry.java

package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPAttributeSet;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;

/**
 * 添加新条目的示例
 * blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPAddEntry {

	/**
	 *
	 * @param args
	 */
	public static void main(String[] args) {

		String ldapHost = "localhost";
		String loginDN = "cn=Manager,dc=micmiu,dc=com";
		String password = "secret";
		String containerName = "dc=micmiu,dc=com";

		int ldapPort = LDAPConnection.DEFAULT_PORT;
		int ldapVersion = LDAPConnection.LDAP_V3;
		LDAPConnection lc = new LDAPConnection();
		LDAPAttributeSet attributeSet = new LDAPAttributeSet();

		attributeSet.add(new LDAPAttribute("objectclass", new String(
				"inetOrgPerson")));
		attributeSet.add(new LDAPAttribute("cn", "Wukong Sun"));
		attributeSet.add(new LDAPAttribute("sn", "Sun"));
		attributeSet.add(new LDAPAttribute("mail", "sjsky007@gmail.com"));
		attributeSet.add(new LDAPAttribute("labeledURI",
				"http://www.micmiu.com"));
		attributeSet.add(new LDAPAttribute("userPassword", "111111"));
		attributeSet.add(new LDAPAttribute("uid", "addnew"));
		String dn = "uid=addnew,ou=Developer,"+containerName;
		LDAPEntry newEntry = new LDAPEntry(dn, attributeSet);
		try {
			lc.connect(ldapHost, ldapPort);
			lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));
			System.out.println("login ldap server successfully.");
			lc.add(newEntry);
			System.out.println("Added object: " + dn + " successfully.");
		} catch (LDAPException e) {
			e.printStackTrace();
		} catch (UnsupportedEncodingException e) {
			System.out.println("Error: " + e.toString());
		} finally {
			try {
				if (lc.isConnected()) {
					lc.disconnect();
				}
			} catch (Exception e) {
				e.printStackTrace();
			}
		}
	}
}

运行结果:

login ldap server successfully.
Added object: uid=addnew,ou=Developer,dc=micmiu,dc=com successfully.

客户端刷新后的截图:

3.删除

java代码:LDAPDeleteEntry.java

package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException;

/**
 * 删除条目的示例
 * blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPDeleteEntry {

	/**
	 * @param args
	 */
	public static void main(String[] args) {

		String ldapHost = "localhost";
		String loginDN = "cn=Manager,dc=micmiu,dc=com";
		String password = "secret";
		String deleteDN = "uid=addnew,ou=Developer,dc=micmiu,dc=com";

		int ldapPort = LDAPConnection.DEFAULT_PORT;
		int ldapVersion = LDAPConnection.LDAP_V3;
		LDAPConnection lc = new LDAPConnection();
		try {
			lc.connect(ldapHost, ldapPort);
			lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));

			lc.delete(deleteDN);
			System.out.println(" delete Entry: " + deleteDN + " success.");
			lc.disconnect();
		} catch (LDAPException e) {
			if (e.getResultCode() == LDAPException.NO_SUCH_OBJECT) {
				System.err.println("Error: No such object");
			} else if (e.getResultCode() == LDAPException.INSUFFICIENT_ACCESS_RIGHTS) {
				System.err.println("Error: Insufficient rights");
			} else {
				System.err.println("Error: " + e.toString());
			}
		} catch (UnsupportedEncodingException e) {
			System.out.println("Error: " + e.toString());
		} finally {
			try {
				if (lc.isConnected()) {
					lc.disconnect();
				}
			} catch (Exception e) {
				e.printStackTrace();
			}
		}

	}

}

运行结果:

delete Entry: uid=addnew,ou=Developer,dc=micmiu,dc=com success.

在刷新客户端后发现刚新增加的条目:addnew 已经被删除了。

4.修改属性

java代码:LDAPAddEntry.java

package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPModification;

/**
 * 修改操作示例
 * blog http://www.micmiu.com
 *
 * @author Michael
 *
 */
public class LDAPModifyAttrs {

	/**
	 * @param args
	 */
	public static void main(String[] args) {

		String ldapHost = "localhost";
		String loginDN = "cn=Manager,dc=micmiu,dc=com";
		String password = "secret";
		String modifyDN = "uid=Michael,ou=Developer,dc=micmiu,dc=com";

		int ldapPort = LDAPConnection.DEFAULT_PORT;
		int ldapVersion = LDAPConnection.LDAP_V3;
		LDAPConnection lc = new LDAPConnection();

		List<LDAPModification> modList = new ArrayList<LDAPModification>();

		// Add a new value to the description attribute
		String desc = "This object was modified at " + new Date();
		LDAPAttribute attribute = new LDAPAttribute("description", desc);
		modList.add(new LDAPModification(LDAPModification.ADD, attribute));

		attribute = new LDAPAttribute("telephoneNumber", "180-8888-xxxx");
		modList.add(new LDAPModification(LDAPModification.ADD, attribute));

		// Replace the labeledURI address with a new value
		attribute = new LDAPAttribute("labeledURI", "www.micmiu.com");
		modList.add(new LDAPModification(LDAPModification.REPLACE, attribute));

		// delete the email attribute
		attribute = new LDAPAttribute("mail");
		modList.add(new LDAPModification(LDAPModification.DELETE, attribute));

		LDAPModification[] mods = new LDAPModification[modList.size()];
		mods = (LDAPModification[]) modList.toArray(mods);

		try {
			lc.connect(ldapHost, ldapPort);
			lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));
			lc.modify(modifyDN, mods);
			System.out
					.println("LDAPAttribute add、replace、delete all successful.");
		} catch (LDAPException e) {
			e.printStackTrace();
		} catch (UnsupportedEncodingException e) {
			System.out.println("Error: " + e.toString());
		} finally {
			try {
				if (lc.isConnected()) {
					lc.disconnect();
				}
			} catch (Exception e) {
				e.printStackTrace();
			}
		}

	}

}

修改后客户端查询到的信息截图如下:

5.验证密码

java代码:LDAPVerifyPassword.java

package com.micmiu.ldap;

import java.io.UnsupportedEncodingException;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPException;

/**
 * 验证密码的示例
 * blog http://www.micmiu.com
 * 
 * @author Michael
 * 
 */
public class LDAPVerifyPassword {

	/**
	 * @param args
	 */
	public static void main(String[] args) {

		String ldapHost = "localhost";
		String loginDN = "cn=Manager,dc=micmiu,dc=com";
		String password = "secret";
		String verifyDN = "uid=Michael,ou=Developer,dc=micmiu,dc=com";
		String verifyPassword = "111111";

		int ldapPort = LDAPConnection.DEFAULT_PORT;

		int ldapVersion = LDAPConnection.LDAP_V3;
		LDAPConnection lc = new LDAPConnection();

		try {
			lc.connect(ldapHost, ldapPort);
			lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));
			LDAPAttribute attr = new LDAPAttribute("userPassword",
					verifyPassword);
			boolean correct = lc.compare(verifyDN, attr);
			System.out.println(correct ? "The password is correct.^_^"
					: "The password is incorrect.!!!");
		} catch (LDAPException e) {
			e.printStackTrace();
			if (e.getResultCode() == LDAPException.NO_SUCH_OBJECT) {
				System.err.println("Error: No such entry");
			} else if (e.getResultCode() == LDAPException.NO_SUCH_ATTRIBUTE) {
				System.err.println("Error: No such attribute");
			} else {
				System.err.println("Error: " + e.toString());
			}
		} catch (UnsupportedEncodingException e) {
			System.err.println("Error: " + e.toString());
		} finally {
			try {
				if (lc.isConnected()) {
					lc.disconnect();
				}
			} catch (Exception e) {
				e.printStackTrace();
			}
		}
	}
}

运行结果:

The password is correct.^_^

验证密码成功。

—-





wuyupengwoaini
关注
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
java连接LDAP的jar包和实例
04-09
java连接LDAP实例和jar包,里面包含ssl连接和更改LDAP属性的例子,公参考
Java访问LDAP
Chen_yu_ting的专栏
01-10 7771
javaLDAP,启动LDAP服务
JAVA访问LDAP(openldap)的示例
dawuafang
10-28 368
1,安装openldap,下载openldap: http://download.csdn.net/detail/kkdelta/8090881 修改c:\openldap\slapd.conf本示例中的suffix 和rootdn修改为如下:database bdb#suffix "dc=maxcrc,dc=com"#rootdn "cn=Manager,dc=maxcrc,dc=com"s...
Java对接OpenLdap实现数据单向同步到MySql
weixin_46167139的博客
08-12 1007
Java对接OpenLdap实现数据单向同步到MySql 把配置信息写成配置项,优化代码: 最近公司项目需求有对接OpenLdap并连接MySql进行数据单向同步功能,公司里也是第一次对接,把任务交给了我,让我自行学习,并实现此功能。 在网上查阅许久,发现百分之80的博客皆是8年甚至更久远的文章,帮助并不大,Java对接OpenLdap实现数据单向同步到MySql的更是没有,所以我为了方便以后自己查阅,增强记忆,将代码以及方法贴出来。也希望能对大家有所帮助。 package com.tiduyun.cmp.
openldap java查询,jldap实现JavaLDAP基本操作
weixin_28848739的博客
03-12 262
DN =: dc=micmiu,dc=com|---- Attributes list:|---- ---- dc = micmiu|---- ---- o = Michael Blog|---- ---- objectClass = domain|---- ---- objectClass = topDN =: ou=Developer,dc=micmiu,dc=com|---- Attribu...
JAVA使用Ldap操作AD域的方法示例
08-26
主要介绍了JAVA使用Ldap操作AD域的方法示例,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习
JAVA_基本LDAP操作实例
09-05
介绍了JAVA_基本LDAP操作实例,有需要的朋友可以参考一下
LDAP实现AD域账号验证 - Java/SpringBoot
03-23
LDAP实现AD域账号验证
ldap java实现
03-28
LDAP.rar_java ldap_ldap_ldap java
09-19
LDAP安装手册 通过此文件,可以知道SUN LDAP安装操作全过程
java web集成ldap_关于Java LDAP登录集成
weixin_35492662的博客
02-13 629
最近项目需要集成LDAP的登录,所以简单研究了一下ldap的集成主要有以下几个步骤:一、配置spring boot的LDAP配置文件1.配置pom文件:org.springframework.bootspring-boot-starter-data-ldaporg.springframework.bootspring-boot-starter-weborg.projectlomboklombokt...
LDAP简介及Java、客户端连接
lydms的博客
06-13 6192
1、简介 2、Java代码连接 3、客户端连接
ad域 java_JAVA使用Ldap操作AD域
weixin_35411443的博客
02-12 802
项目上遇到的需要在集成 操作域用户的信息的功能,第一次接触ad域,因为不了解而且网上其他介绍不明确,比较费时,这里记录下。说明:(1). 特别注意:Java操作查询域用户信息获取到的数据和域管理员在电脑上操作查询的数据可能会存在差异(同一个意思的表示字段,两者可能不同)。(2). 连接ad域有两个地址: ldap://XXXXX.com:389 和ldap://XXXXX.com:636(SSL...
java操作ldap(完整篇)
belialxing的专栏
04-09 2万+
原因:2个ldap间用户同步(因为ldap组织结构的不同步,需要同步一台的用户和密码) 操作ldap认证、获取ldap用户信息、添加ldap组、添加ldap用户、修改ldap用户信息、删除ldap用户 遇到的问题:gidNumer和uidNumber ,必须是int类型.10位长度. public class LdapUser { public String cn; public ...
JAVA操作LDAP总结
weixin_30616969的博客
07-27 454
一、LDAP概念 LDAP的全称为Lightweight Directory Access Protocol(轻量级目录访问协议), 基于X.500标准, 支持 TCP/IP。 LDAP目录为数据库,通过LDAP服务器(相当于DBMS)处理查询和更新, 以树状的层次结构来存储数据,相对关系型数据库, LDAP主要是优化数据读取的性能,适用于比较少改变、跨平台的信息。 二、Softerr...
Java程序通过LDAP对用户进行登陆验证
七步诗
05-06 2万+
在去年的一个南京项目中,客户方要求用户登陆需要在其他平台下进行认证,当时客户用的LDAP“数据库”管理方式,后来查阅Java已经对LDAP进行了封装,不需要下载其他jar包就可以实现。 补脑:【LDAP】是"LightweightDirectoryAccessProtocol"的缩写,中文翻译过来就叫“轻量目录访问协议”,看字面大概能猜出应该是以树状形存储数据的数据库,后来翻
java 操作 ldap_JAVA操作LDAP总结
weixin_39980184的博客
02-12 1857
一、LDAP概念LDAP的全称为Lightweight Directory Access Protocol(轻量级目录访问协议), 基于X.500标准, 支持 TCP/IP。LDAP目录为数据库,通过LDAP服务器(相当于DBMS)处理查询和更新, 以树状的层次结构来存储数据,相对关系型数据库, LDAP主要是优化数据读取的性能,适用于比较少改变、跨平台的信息。二、Softerra LDAP Ad...
java项目实现ldap认证
最新发布
stormkai的专栏
10-17 2150
【代码】java项目实现ldap认证。
Java通过Ldap操作AD的增删改查询
热门推荐
binyao02123202的专栏
01-23 2万+
package com.smnpc.util; import java.util.Hashtable; import java.util.Vector; import javax.naming.Context; import javax.naming.NamingEnumeration; import javax.naming.NamingException; import javax.nam

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值