用户名+密码登录ldap服务器，注意密码没有存储在ldap中的password

用用户名+密码模拟登录ldap服务器，不是从ldap中获取密码比较

public class LdapUserAuthenticate {private String URL = "ldap://10.41.83.236:389/";private String BASEDN = "dc=zte,dc=intra";private String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";private LdapContext ctx = null;private Hashtable<String, String> env=null;private Control[] connCtls = null;private SearchResult searchResult;private void connectToLDAPServer() {env = new Hashtable<String, String>();env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);env.put(Context.PROVIDER_URL, URL + BASEDN);// LDAP serverenv.put(Context.SECURITY_AUTHENTICATION, "simple");// 此处若不指定用户名和密码,则自动转换为匿名登录env.put(Context.SECURITY_PRINCIPAL,"cn=gitlab,ou=NM,ou=Central R&D Institute,ou=R&D Institute,dc=zte,dc=intra");env.put(Context.SECURITY_CREDENTIALS, "gitlab");try {connCtls = new Control[] { new LdapADManagerControl() };ctx = new InitialLdapContext(env, connCtls);} catch (javax.naming.AuthenticationException e) {System.out.println("Authentication faild: " + e.toString());} catch (Exception e) {System.out.println("Something wrong while authenticating: " + e.toString());}}class LdapADManagerControl implements Control {@Overridepublic String getID() {// TODO Auto-generated method stubreturn null;}@Overridepublic boolean isCritical() {// TODO Auto-generated method stubreturn false;}@Overridepublic byte[] getEncodedValue() {// TODO Auto-generated method stubreturn null;}}private String getUserDN(String ID) {String userDN = "";connectToLDAPServer();try {SearchControls constraints = new SearchControls();constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);NamingEnumeration<?> en = ctx.search("", "sAMAccountName=" + ID, constraints);if (en == null) {System.out.println("Have no NamingEnumeration.");}if (!en.hasMoreElements()) {System.out.println("Have no element.");}while (en != null && en.hasMoreElements()) {// maybe more than one// // elementObject obj = en.nextElement();if (obj instanceof SearchResult) {SearchResult si = (SearchResult) obj;userDN += si.getName();userDN += "," + BASEDN;searchResult = si;} else {System.out.println(obj);}}} catch (Exception e) {System.out.println("Exception in search():" + e);}return userDN;}public String authenricate(String ID, String password) {String username = null;if (ID.equals("") || password.equals(""))return null;else {String userDN = "";try {userDN = getUserDN(ID);if (userDN.equals(""))return null;ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);ctx.reconnect(connCtls);String longName = (String)searchResult.getAttributes().get("CN").get();username = longName.split("\\d+")[0];return username;} catch (AuthenticationException e) {System.out.println(userDN + " is not authenticated");System.out.println(e.toString());} catch (NamingException e) {System.out.println(userDN + " is not authenticated");}catch (Exception e) {System.out.println(userDN + " is not authenticated");}return null;}}}

LdapUserAuthenticate authen = new LdapUserAuthenticate();username = authen.authenricate(userid,password);if (username == null) {System.out.println("登陆失败");response.sendRedirect("login.html");}else{System.out.println("登陆成功");CookieUtil.addCookie(response, "userName", username, 1800);response.sendRedirect(referer);}