1. 认证信息:
package com.royal.jldap;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
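/**
 * Demonstrates LDAP authentication (simple bind) through JNDI.
 *
 * <p>Notes for anyone adapting this demo: the URL is plain {@code ldap://} with
 * {@code "simple"} authentication, so the bind DN and password cross the network
 * unencrypted; outside an isolated lab use {@code ldaps://} or StartTLS. The
 * passwords in this class are the sample values of the demo directory; real
 * credentials should be read from outside the source.
 *
 * @author 萧_瑟
 * @version 1.0, created 2013-1-22
 */
public class LDAPTest {
    private static String ldapURL = "ldap://192.168.xx.xx:389/";

    /** Runs both bind checks, first as the directory manager and then as an ordinary user. */
    public static void main(String[] args) {
        rootCredentials();
        xsCredentials();
    }

    // Server-side settings the root bind relies on (presumably taken from slapd.conf):
    // database bdb
    // suffix "dc=gzis,dc=ac.cn"
    // checkpoint 1024 15
    // rootdn "cn=Manager,dc=gzis,dc=ac.cn"
    // rootpw secret
    /** Binds as the directory's root DN and prints whether the bind succeeded. */
    public static void rootCredentials() {
        bind("cn=Manager,dc=gzis,dc=ac.cn", "secret", "root");
    }

    // Directory entry the user bind relies on:
    // dn: cn=xiao se,ou=people,dc=gzis,dc=ac.cn
    // objectClass: inetOrgPerson
    // cn: xiao se
    // sn: xiao se
    // uid: xs
    // userPassword: 123456
    // description: senior engineer (stored in Chinese in the directory)
    /** Binds as the ordinary user "xiao se" and prints whether the bind succeeded. */
    public static void xsCredentials() {
        bind("cn=xiao se,ou=people,dc=gzis,dc=ac.cn", "123456", "xiao se");
    }

    /**
     * Attempts a simple bind and prints the outcome, prefixed with {@code label}.
     *
     * @param dn       distinguished name to bind as
     * @param password password for {@code dn}
     * @param label    prefix used in the printed result messages
     */
    private static void bind(String dn, String password, String label) {
        // An empty password must never count as a successful login: JNDI's LDAP
        // provider turns a simple bind without a password into an anonymous bind,
        // which many servers accept.
        if (password == null || password.isEmpty()) {
            System.out.println(label + "认证失败");
            return;
        }

        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapURL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);

        DirContext ctx = null;
        try {
            // Creating the context performs the bind; reaching the next line means it was accepted.
            ctx = new InitialDirContext(env);
            System.out.println(label + "认证成功");
        } catch (NamingException e) {
            e.printStackTrace();
            System.out.println(label + "认证失败");
        } catch (Exception e) {
            System.out.println(label + "认证出错:");
            e.printStackTrace();
        } finally {
            // Release the connection on every path, including unexpected errors.
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
        }
    }
}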
2. 增加信息:
package com.royal.jldap;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
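/**
 * Demonstrates creating an LDAP entry through JNDI.
 *
 * <p>The bind uses plain {@code ldap://} with {@code "simple"} authentication, so the
 * manager password is sent unencrypted; outside an isolated lab use {@code ldaps://}
 * or StartTLS and keep the credentials out of the source.
 *
 * @author 萧_瑟
 * @version 1.0, created 2013-1-23
 */
public class LDAPAdd {
    private static String ldapURL = "ldap://192.168.xx.xx:389/";

    /** Binds as the directory manager and adds one {@code inetOrgPerson} entry under ou=people. */
    public static void main(String[] args) {
        String account = "Manager"; // Account used to operate on the directory; Manager by default.
        String password = "secret"; // Password of the Manager account.
        String root = "dc=gzis,dc=ac.cn"; // DC of the directory's root node.
        // With the account below the add fails: it has no add permission and the run reports an error.
        // String account = "xiao se";
        // String password = "123456";
        // String root = "ou=people,dc=gzis,dc=ac.cn";

        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapURL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
        env.put(Context.SECURITY_CREDENTIALS, password);

        DirContext ctx = null;
        try {
            // Initialise the context (this performs the bind).
            ctx = new InitialDirContext(env);
            System.out.println("root认证成功");

            // Create a group
            // String ou = "testGroup";
            // BasicAttributes attrs = new BasicAttributes();
            // BasicAttribute objclassSet = new BasicAttribute("objectClass");
            // objclassSet.add("organizationalUnit");
            // attrs.put(objclassSet);
            // attrs.put("ou", ou);
            // ctx.createSubcontext("ou=" + ou + "," + root, attrs);

            // Add a user
            BasicAttributes attrs = new BasicAttributes();
            BasicAttribute objclassSet = new BasicAttribute("objectClass");
            objclassSet.add("inetOrgPerson");
            attrs.put(objclassSet);
            attrs.put("cn", "admin@gziscas");
            // NOTE(review): this stores the password exactly as written unless the server
            // hashes it on write; for real accounts prefer a server-side hashing policy or
            // the Password Modify extended operation (RFC 3062).
            attrs.put("userPassword", "123456");
            attrs.put("uid", "admin@gziscas");
            attrs.put("mail", "xx@xxx.com");
            attrs.put("sn", "admin");
            attrs.put("homePhone", "110xxxxxx");
            attrs.put("description", "租户管理员");

            // The DN is built from constants here; values that come from users must be
            // escaped (or passed as an LdapName) before being concatenated into a DN.
            DirContext created = ctx.createSubcontext("cn=admin@gziscas,ou=people," + root, attrs);
            // createSubcontext returns a context for the new entry; it is not needed afterwards.
            created.close();
        } catch (NamingException e) {
            e.printStackTrace();
        } finally {
            // Release the connection on every path, including unexpected errors.
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
        }
    }
}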
3. 删除信息:
package com.royal.jldap;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
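/**
 * Demonstrates deleting an LDAP entry through JNDI.
 *
 * <p>The bind uses plain {@code ldap://} with {@code "simple"} authentication, so the
 * manager password is sent unencrypted; outside an isolated lab use {@code ldaps://}
 * or StartTLS and keep the credentials out of the source.
 *
 * @author 萧_瑟
 * @version 1.0, created 2013-1-23
 */
public class LDAPDelete {
    private static String ldapURL = "ldap://192.168.xx.xx:389/";

    /** Binds as the directory manager and deletes the entry cn=admin@gziscas under ou=people. */
    public static void main(String[] args) {
        String account = "Manager"; // Account used to operate on the directory; Manager by default.
        String password = "secret"; // Password of the Manager account.
        String root = "dc=gzis,dc=ac.cn"; // DC of the directory's root node.
        // With the account below the delete fails for lack of permission, yet the run
        // reports no error.
        // NOTE(review): going by that observation, a run without an exception does not
        // prove the entry is gone - confirm with a search.
        // String account = "xiao se";
        // String password = "123456";
        // String root = "ou=people,dc=gzis,dc=ac.cn";

        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapURL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
        env.put(Context.SECURITY_CREDENTIALS, password);

        DirContext ctx = null;
        try {
            // Initialise the context (this performs the bind).
            ctx = new InitialDirContext(env);
            System.out.println("root认证成功");

            // Delete the entry.
            ctx.destroySubcontext("cn=admin@gziscas,ou=people," + root);
        } catch (NamingException e) {
            e.printStackTrace();
        } finally {
            // Release the connection on every path, including unexpected errors.
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
        }
    }
}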
4. 查询信息:
package com.royal.jldap;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
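/**
 * Demonstrates searching an LDAP directory through JNDI.
 *
 * <p>The bind uses plain {@code ldap://} with {@code "simple"} authentication, so the
 * manager password is sent unencrypted; outside an isolated lab use {@code ldaps://}
 * or StartTLS and keep the credentials out of the source.
 *
 * @author 萧_瑟
 * @version 1.0, created 2013-1-23
 */
public class LDAPSearch {
    private static String ldapURL = "ldap://192.168.xx.xx:389/";

    /** Binds as the directory manager and prints every entry below the root with all its attributes. */
    public static void main(String[] args) {
        String account = "Manager"; // Account used to operate on the directory; Manager by default.
        String password = "secret"; // Password of the Manager account.
        String root = "dc=gzis,dc=ac.cn"; // DC of the directory's root node.

        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapURL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
        env.put(Context.SECURITY_CREDENTIALS, password);

        DirContext ctx = null;
        NamingEnumeration<SearchResult> en = null;
        try {
            // Initialise the context (this performs the bind).
            ctx = new InitialDirContext(env);
            System.out.println("root认证成功");

            // Search
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
            // NOTE(review): bound as Manager with no attribute list, this returns every
            // attribute the server releases, userPassword included; real code should name
            // the attributes it needs with constraints.setReturningAttributes(...).

            // Query all users
            // NamingEnumeration en = ctx.search(root, "uid=*", constraints);
            // The filters here are constants. A filter that includes user input should go
            // through the search(name, filterExpr, filterArgs, cons) overload so the
            // arguments are escaped.
            en = ctx.search(root, "objectclass=*", constraints);
            // NamingEnumeration en = ctx.search(root, "ou=*", constraints);
            // NamingEnumeration en = ctx.search(root, "description=*", constraints);

            // hasMore()/next() are used instead of the Enumeration-style methods because
            // only they can throw NamingException, so a failure part-way through the
            // results (for example a size limit) is reported instead of looking like the
            // end of the list.
            while (en.hasMore()) {
                SearchResult si = en.next();
                System.out.println("name:" + si.getName());
                Attributes attrs = si.getAttributes();
                if (attrs == null) {
                    System.out.println("No attributes ");
                } else {
                    printAttributes(attrs);
                }
                System.out.println();
            }
        } catch (NamingException e) {
            e.printStackTrace();
        } finally {
            // Release the result set and the connection on every path.
            if (en != null) {
                try {
                    en.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
        }
    }

    /**
     * Prints one {@code id: value} line for every value of every attribute.
     *
     * @param attrs attributes of a single search result
     * @throws NamingException if the attribute values cannot be enumerated
     */
    private static void printAttributes(Attributes attrs) throws NamingException {
        NamingEnumeration<? extends Attribute> ae = attrs.getAll();
        while (ae.hasMore()) {
            Attribute attr = ae.next();
            String attrId = attr.getID();
            NamingEnumeration<?> vals = attr.getAll();
            while (vals.hasMore()) {
                System.out.print(attrId + ": ");
                Object o = vals.next();
                if (o instanceof byte[]) {
                    // Decode with a fixed charset so the output does not depend on the
                    // platform default.
                    System.out.println(new String((byte[]) o, java.nio.charset.StandardCharsets.UTF_8));
                } else {
                    System.out.println(o);
                }
            }
        }
    }
}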
5. 修改信息:
package com.royal.jldap;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
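/**
 * Demonstrates modifying attributes of an LDAP entry through JNDI.
 *
 * <p>The bind uses plain {@code ldap://} with {@code "simple"} authentication, so the
 * manager password and the new {@code userPassword} value are sent unencrypted;
 * outside an isolated lab use {@code ldaps://} or StartTLS and keep the credentials
 * out of the source.
 *
 * @author 萧_瑟
 * @version 1.0, created 2013-1-23
 */
public class LDAPModify {
    private static String ldapURL = "ldap://192.168.xx.xx:389/";

    /** Binds as the directory manager and replaces description and userPassword on one entry. */
    public static void main(String[] args) {
        String account = "Manager"; // Account used to operate on the directory; Manager by default.
        String password = "secret"; // Password of the Manager account.
        String root = "dc=gzis,dc=ac.cn"; // DC of the directory's root node.
        // With the account below the modification fails: it has no modify permission and
        // the run reports an error.
        // String account = "xiao se";
        // String password = "123456";
        // String root = "ou=people,dc=gzis,dc=ac.cn";

        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapURL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
        env.put(Context.SECURITY_CREDENTIALS, password);

        DirContext ctx = null;
        try {
            // Initialise the context (this performs the bind).
            ctx = new InitialDirContext(env);
            System.out.println("root认证成功");

            // Modify
            String description = "屌丝逆袭";
            // NOTE(review): written as-is unless the server hashes it on write; for real
            // accounts prefer a server-side hashing policy or the Password Modify extended
            // operation (RFC 3062).
            String userPassword = "123456";
            ModificationItem[] changes = {
                new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                        new BasicAttribute("description", description)),
                new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                        new BasicAttribute("userPassword", userPassword)),
            };
            ctx.modifyAttributes("cn=admin@gziscas,ou=people," + root, changes);
        } catch (NamingException e) {
            e.printStackTrace();
        } finally {
            // Release the connection on every path, including unexpected errors.
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException e) {
                    e.printStackTrace();
                }
            }
        }
    }
}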
demo前提:已经配置好了LDAP服务器。另外,示例使用明文 ldap:// 简单绑定,并把口令直接写在代码里,只适合隔离的测试环境;实际部署应改用 ldaps:// 或 StartTLS,口令从代码之外读取。
参考:
http://blog.sina.com.cn/s/blog_63533db30100mf05.html
http://spiritfrog.iteye.com/blog/390994
http://blog.163.com/lang_zi_ming/blog/static/1140161762012470537349/