Hi,
Can any one help to create a simple program to validate a user against LDAP?
I am using OPEN DS as my LDAP Server and JNDI API to access LDAP Server for authorization.
After creating a new user in Open DS, I created an html with username & password as textfield. Then I created a
servlet which connected succesfully to LDAP Server.
However, I am getting the password from LDAP Server for the current user in encrypted format and hence my authorization always fails.
My question is, how to write a program using JNDI API to authorize an user?
This is my code:
==============
package com.login.servlet;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.ldap.InitialLdapContext;
..
public class LoginServlet extends HTTPServlet{
private static DirContext createLdapContext() throws NamingException {
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://172.30.91.123:389");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=Directory Manager");
env.put(Context.SECURITY_CREDENTIALS, "opends");
return new InitialLdapContext(env, null);
}
public void validateUser(HttpServletRequest request, SessionVO sessionVO) {
try {
String un=request.getParameter("username");
String pwd = request.getParameter("password");
DirContext dirContext = createLdapContext();
Attributes attrs = dirContext.getAttributes("uid="+un+",ou=People,dc=example,dc=com");
String actualPwd = attrs.get("userPassword").toString();
if(pwd.equals(actualpwd)){
System.out.println("Password correct");
}else {
System.out.println("Password worng");
}
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
==============