JAVA操作Ldap示例
使用 Java 的 javax.naming.* 包(JNDI)连接和操作 LDAP
1. 连接ldap
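// LDAPS endpoint of the directory server (placeholder host, port 636).
private static String url = "ldaps://IP地址:636";
// Account used for the simple bind and its password. These are placeholders:
// real values should come from protected configuration, not from source code.
private static String adminName = "登陆的用户名";
private static String adminPwd = "密码";
// Placeholder for the on-disk path of the certificate store
// (presumably read by setKeystoreAsString(), which is not shown here).
private static String fileName = "证书的无力路径";
// Trust store location handed to JSSE below
// (presumably populated by setKeystoreAsString() - confirm).
private static String keystoreAsString = "";
// Password of the trust store (placeholder).
private static String keystorePwd = "证书的密码";
// Shared directory context; stays null when the connection attempt fails.
public static DirContext context = null;

/**
 * Opens an authenticated LDAPS connection and stores it in {@link #context}.
 *
 * <p>The trust store is configured through JVM-wide system properties, so it
 * applies to every TLS client in the process, not only to this connection.
 * On failure the stack trace is printed and {@code context} is left unchanged.
 */
public static void connectLdap() {
    setKeystoreAsString();
    System.setProperty("javax.net.ssl.trustStore", keystoreAsString);
    System.setProperty("javax.net.ssl.trustStorePassword", keystorePwd);

    Hashtable<String, String> env = new Hashtable<>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, url);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    // The bind identity belongs under SECURITY_PRINCIPAL. The original stored it
    // under SECURITY_PROTOCOL, where the "ssl" entry below overwrote it, so the
    // account name never reached the provider.
    env.put(Context.SECURITY_PRINCIPAL, adminName);
    env.put(Context.SECURITY_CREDENTIALS, adminPwd);
    env.put(Context.SECURITY_PROTOCOL, "ssl");

    try {
        context = new InitialDirContext(env);
        System.out.println("connect to ldap success!");
    } catch (NamingException e) {
        // Callers see the failure only as a null context.
        e.printStackTrace();
    }
}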
这里使用 SSL(ldaps)方式连接,因此需要先从 LDAP 服务器导出证书,并导入到客户端的信任库(trustStore)中,连接时才能校验服务器的身份。
2. 操作ldap
2.1. 查询得到所有的container(类似的查询所有的group等)
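/**
 * Returns the {@code cn} of every container entry found by a subtree search
 * below {@code DN}.
 *
 * <p>Connects first when no context exists yet. A {@link NamingException}
 * raised by the search or while reading results is printed, and whatever was
 * collected up to that point is returned.
 *
 * @return the container names found; empty when none were read
 */
private static List<String> getContainerList() {
    if (context == null) {
        connectLdap();
    }
    List<String> containerList = new ArrayList<>();
    SearchControls ctl = new SearchControls();
    ctl.setSearchScope(SearchControls.SUBTREE_SCOPE);
    // Only cn is read below, so do not fetch every attribute of every entry.
    ctl.setReturningAttributes(new String[] {"cn"});

    NamingEnumeration<SearchResult> en = null;
    try {
        en = context.search(DN,
                "(&(&(objectClass=top)(objectClass=container))(!(objectClass=group)))", ctl);
        // hasMore()/next() report server-side errors (for example a size limit)
        // as NamingException; hasMoreElements() would end the loop silently.
        while (en != null && en.hasMore()) {
            SearchResult result = en.next();
            Attributes attrs = result.getAttributes();
            if (attrs == null) {
                System.out.println("No containers");
                continue;
            }
            Attribute cnAttr = attrs.get("cn");
            // An entry without a cn value is skipped instead of raising a
            // NullPointerException.
            if (cnAttr != null && cnAttr.size() > 0) {
                containerList.add((String) cnAttr.get(0));
            }
        }
    } catch (NamingException e) {
        e.printStackTrace();
    } finally {
        // Release the enumeration even when the loop ended early.
        if (en != null) {
            try {
                en.close();
            } catch (NamingException ignored) {
                // Best-effort cleanup; the results are already collected.
            }
        }
    }
    return containerList;
}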
2.2. 得到所有的user
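/**
 * Returns the {@code cn} of every user entry (computer accounts excluded)
 * found by a subtree search below {@code DN}.
 *
 * <p>Connects first when no context exists yet. A {@link NamingException}
 * raised by the search or while reading results is printed, and whatever was
 * collected up to that point is returned.
 *
 * @return the user names found; empty when none were read
 */
private static List<String> getUserList() {
    List<String> userList = new ArrayList<>();
    if (context == null) {
        connectLdap();
    }
    SearchControls ctl = new SearchControls();
    ctl.setSearchScope(SearchControls.SUBTREE_SCOPE);
    // Only cn is read below, so do not fetch every attribute of every entry.
    ctl.setReturningAttributes(new String[] {"cn"});

    NamingEnumeration<SearchResult> en = null;
    try {
        en = context.search(DN,
                "(&(&(objectClass=user)(objectClass=organizationalPerson))(!(objectClass=computer)))",
                ctl);
        // hasMore()/next() report server-side errors (for example a size limit)
        // as NamingException; hasMoreElements() would end the loop silently and
        // make a truncated list look complete.
        while (en != null && en.hasMore()) {
            SearchResult result = en.next();
            Attributes attrs = result.getAttributes();
            if (attrs == null) {
                // Message text kept from the original listing.
                System.out.println("No containers");
                continue;
            }
            Attribute cnAttr = attrs.get("cn");
            // An entry without a cn value is skipped instead of raising a
            // NullPointerException.
            if (cnAttr != null && cnAttr.size() > 0) {
                userList.add((String) cnAttr.get(0));
            }
        }
    } catch (NamingException e) {
        e.printStackTrace();
    } finally {
        // Release the enumeration even when the loop ended early.
        if (en != null) {
            try {
                en.close();
            } catch (NamingException ignored) {
                // Best-effort cleanup; the results are already collected.
            }
        }
    }
    return userList;
}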
2.3. 创建container
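/**
 * Creates a container entry named {@code cn} directly below {@code baseDN},
 * unless a container with that name already exists.
 *
 * @param cn name of the container; must not be null or empty
 * @throws IllegalArgumentException if {@code cn} is null or empty
 */
public static void addContainer(String cn) {
    if (cn == null || cn.isEmpty()) {
        throw new IllegalArgumentException("cn must not be null or empty");
    }
    if (context == null) {
        connectLdap();
    }
    if (isContainerExist(cn)) {
        System.out.println("container已经存在");
        return;
    }
    // Escape the value before placing it in the DN: characters such as ',' or
    // '+' in cn would otherwise be parsed as extra DN components and change
    // where the entry is created.
    String userDN = "cn=" + javax.naming.ldap.Rdn.escapeValue(cn) + "," + baseDN;
    // Helper defined elsewhere in this listing; fills in the required objectClass values.
    Attributes attrs = addContainerObjectClass(new BasicAttributes());
    try {
        context.createSubcontext(userDN, attrs);
        System.out.println(cn + " is created successfully");
    } catch (NamingException e) {
        e.printStackTrace();
    }
}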
2.4. 创建User
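/**
 * Creates the four service users {@code <cn>.dn}, {@code <cn>.hbase},
 * {@code <cn>.http} and {@code <cn>.nm} inside the container {@code cn}
 * below {@code baseDN}.
 *
 * <p>Stops at the first user name that already exists. A failure to create
 * one user is printed and the loop continues with the next one.
 *
 * @param cn name of the target container, also used as the user name prefix;
 *           must not be null or empty
 * @throws IllegalArgumentException if {@code cn} is null or empty
 */
public static void createUserInContainerAsSlave(String cn) {
    if (cn == null || cn.isEmpty()) {
        throw new IllegalArgumentException("cn must not be null or empty");
    }
    // Names of the users created in one batch.
    List<String> userList = new ArrayList<>();
    userList.add(cn + ".dn");
    userList.add(cn + ".hbase");
    userList.add(cn + ".http");
    userList.add(cn + ".nm");

    if (context == null) {
        connectLdap();
    }
    // Escape every value placed in a DN: characters such as ',' or '+' would
    // otherwise be parsed as extra DN components and change where the entry
    // is created.
    String containerRdn = "cn=" + javax.naming.ldap.Rdn.escapeValue(cn);
    for (String user : userList) {
        if (isUserExist(user)) {
            System.out.println("用户已经存在");
            // NOTE(review): this ends the whole batch, so the remaining names
            // are not created - confirm that this is intended.
            return;
        }
        // Helpers defined elsewhere in this listing: required user attributes,
        // then the required objectClass values.
        Attributes attrs = addUserObjectClass(getCommonUserAttributes(user));
        try {
            String userDN = "cn=" + javax.naming.ldap.Rdn.escapeValue(user)
                    + "," + containerRdn + "," + baseDN;
            context.createSubcontext(userDN, attrs);
            System.out.println("OK");
        } catch (NamingException e) {
            e.printStackTrace();
        }
    }
}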
功能函数:
/**
 * Checks whether a container with the given name exists.
 *
 * @param cn container name to look for
 * @return {@code true} when the name is in the list returned by
 *         {@code getContainerList()}
 */
private static boolean isContainerExist(String cn) {
    // Every call runs a fresh directory search through getContainerList().
    return getContainerList().contains(cn);
}
/**
 * Checks whether a user with the given name exists.
 *
 * @param cn user name to look for
 * @return {@code true} when the name is in the list returned by
 *         {@code getUserList()}
 */
private static boolean isUserExist(String cn) {
    // Every call runs a fresh directory search through getUserList().
    return getUserList().contains(cn);
}
/**
 * Stores {@code attrName=attrValue} in {@code attrs}, skipping values that
 * are null or whose string form is empty.
 *
 * @param attrs     attribute set to modify
 * @param attrName  attribute id
 * @param attrValue attribute value; ignored when null or empty
 */
private static void putAttribute(Attributes attrs, String attrName, Object attrValue) {
    if (attrValue == null || attrValue.toString().isEmpty()) {
        return;
    }
    attrs.put(new BasicAttribute(attrName, attrValue));
}
/**
 * Puts an {@code objectClass} attribute with the values {@code top} and
 * {@code container} into {@code attrs}.
 *
 * @param attrs attribute set to modify
 * @return the same {@code attrs} instance
 */
private static Attributes addContainerObjectClass(Attributes attrs) {
    Attribute objectClass = new BasicAttribute("objectClass");
    for (String value : new String[] {"top", "container"}) {
        objectClass.add(value);
    }
    attrs.put(objectClass);
    return attrs;
}
/**
 * Puts an {@code objectClass} attribute with the values {@code top},
 * {@code person}, {@code organizationalPerson} and {@code user} into
 * {@code attrs}.
 *
 * @param attrs attribute set to modify
 * @return the same {@code attrs} instance
 */
private static Attributes addUserObjectClass(Attributes attrs) {
    Attribute objectClass = new BasicAttribute("objectClass");
    for (String value : new String[] {"top", "person", "organizationalPerson", "user"}) {
        objectClass.add(value);
    }
    attrs.put(objectClass);
    return attrs;
}
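/**
 * Builds the attribute set shared by every user this listing creates:
 * {@code cn}, {@code unicodePwd} and {@code userAccountControl}.
 *
 * <p>The password comes from the {@code unicodePwd} field declared elsewhere,
 * so every account built here starts with the same password.
 *
 * @param cn common name of the user
 * @return a new attribute set for the user
 */
private static Attributes getCommonUserAttributes(String cn) {
    final int UF_PASSWD_NOTREQD = 0x0020;
    final int UF_NORMAL_ACCOUNT = 0x0200;
    final int UF_PASSWORD_EXPIRED = 0x800000;

    Attributes attrs = new BasicAttributes();
    putAttribute(attrs, "cn", cn);

    // The password is sent wrapped in double quotes and encoded as UTF-16LE.
    // Using the StandardCharsets constant removes the checked exception, so
    // the former catch (Exception) can no longer hide a failure and return a
    // half-filled attribute set.
    byte[] quotedPwd = ("\"" + unicodePwd + "\"")
            .getBytes(java.nio.charset.StandardCharsets.UTF_16LE);
    putAttribute(attrs, "unicodePwd", quotedPwd);

    // The flags are distinct bits, so OR gives the same value as the original sum.
    // NOTE(review): UF_PASSWD_NOTREQD marks the account as not requiring a
    // password; drop it unless empty passwords are really intended.
    // NOTE(review): confirm that writing UF_PASSWORD_EXPIRED has the intended
    // effect on the target directory; on Active Directory this bit is
    // reported through a computed attribute.
    int accountControl = UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD | UF_PASSWORD_EXPIRED;
    attrs.put(new BasicAttribute("userAccountControl", Integer.toString(accountControl)));
    return attrs;
}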
LDAP 的其他操作和上面这些差不多,例如获取 userPrincipalName、distinguishedName 之类的属性,同样是通过 NamingEnumeration 这个类来查找。今天没时间了,后续的以后再写吧。