Re: authenticate to opendirectory
- Subject: Re: authenticate to opendirectory
- From: Lionel GUILLAUME <email@hidden>
- Date: Thu, 29 Jul 2004 09:53:47 +0200
Here is the authentication I use:
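import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public static boolean authenticate (String uid, String password) {
    // Reject empty credentials: many LDAP servers treat a simple bind with
    // an empty password as an anonymous bind, which would "succeed"
    if (uid == null || uid.length() == 0
            || password == null || password.length() == 0) {
        return false;
    }
    // LDAP parameters
    String INITCTX = "com.sun.jndi.ldap.LdapCtxFactory";
    String HOST = "ldap://localhost:389";
    String BASE_DN = "dc=test3,dc=test2,dc=test1,dc=fr";
    DirContext ctx = null;
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put (Context.INITIAL_CONTEXT_FACTORY, INITCTX);
    env.put (Context.PROVIDER_URL, HOST);
    // LDAP filter; uid is supplied as the {0} argument so that JNDI escapes
    // filter metacharacters instead of concatenating user input
    String filter = "(&(objectclass=person)(uid={0}))";
    Object[] filterArgs = new Object[] { uid };
    String rdn = null;
    try {
        // Connect to LDAP anonymously and find the RDN of the entry
        // whose uid is $uid
        ctx = new InitialDirContext (env);
        SearchControls constraints = new SearchControls();
        constraints.setSearchScope (SearchControls.SUBTREE_SCOPE);
        NamingEnumeration<SearchResult> results =
            ctx.search (BASE_DN, filter, filterArgs, constraints);
        if (results!=null && results.hasMore()) {
            SearchResult sr = results.next();
            rdn = sr.getName();
        }
    } catch (Exception e) {
        e.printStackTrace();
        return false;
    } finally {
        // Release the anonymous connection
        if (ctx != null) {
            try { ctx.close(); } catch (Exception ignored) { }
        }
    }
    // No entry found for this uid: nothing to bind as
    if (rdn == null) {
        return false;
    }
    // create the DN with the RDN and BaseDn
    String dn = rdn+","+BASE_DN;
    env.put (Context.SECURITY_AUTHENTICATION, "simple");
    env.put (Context.SECURITY_PRINCIPAL, dn);
    env.put (Context.SECURITY_CREDENTIALS, password);
    ctx = null;
    try {
        // Connect to LDAP as the user and make a search; search OK means
        // authentication SUCCESS
        ctx = new InitialDirContext (env);
        SearchControls constraints = new SearchControls();
        constraints.setSearchScope (SearchControls.SUBTREE_SCOPE);
        NamingEnumeration<SearchResult> results =
            ctx.search (BASE_DN, filter, filterArgs, constraints);
        if (results!=null && results.hasMore()) {
            return true;
        }
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        // Release the authenticated connection
        if (ctx != null) {
            try { ctx.close(); } catch (Exception ignored) { }
        }
    }
    return false;
}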
William Norris wrote:
I'm at a loss... I know this can't be that difficult. I've just spent
hours on Google, but cannot find a way to have my WO application
authenticate users against OpenDirectory (or any LDAP source for
that matter). I've been reading extensively about JAAS and JNDI, but
can't seem to find anyone that has actually done it [and written about
it]. I was able to find one email (link below) with a code example of
how to do it, but it fails to work for me. I must be overlooking
something... this would seem to be a very common task, so there must
be some good authentication libraries already out there (guess I've
been spoiled by PHP's PEAR::Auth)
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.