• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Program to validate a user against LDAP

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
Can any one help to create a simple program to validate a user against LDAP?

I am using OPEN DS as my LDAP Server and JNDI API to access LDAP Server for authorization.

After creating a new user in Open DS, I created an html with username & password as textfield. Then I created a servlet which connected succesfully to LDAP Server.
However, I am getting the password from LDAP Server for the current user in encrypted format and hence my authorization always fails.

My question is, how to write a program using JNDI API to authorize an user?

This is my code:
==============
package com.login.servlet;

import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.ldap.InitialLdapContext;
..

public class LoginServlet extends HTTPServlet{

private static DirContext createLdapContext() throws NamingException {
Hashtable env = new Hashtable();

env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://172.30.91.123:389");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=Directory Manager");
env.put(Context.SECURITY_CREDENTIALS, "opends");

return new InitialLdapContext(env, null);
}

public void validateUser(HttpServletRequest request, SessionVO sessionVO) {
try {
String un=request.getParameter("username");
String pwd = request.getParameter("password");

DirContext dirContext = createLdapContext();
Attributes attrs = dirContext.getAttributes("uid="+un+",ou=People,dc=example,dc=com");
String actualPwd = attrs.get("userPassword").toString();

if(pwd.equals(actualpwd)){
System.out.println("Password correct");
}else {
System.out.println("Password worng");
}
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}

==============
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic