• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

JSP Web Application using a MySQL DB and Active Directory Authentication

 
Greenhorn
Posts: 6
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The project: I want to make a web application for my company which will handle purchase requests/approvals. The process is as follows: employee submits request, a couple of superiors approve of it, along the way superiors will be notified by e-mail, request is finalized. The database part shouldn't be too hard and I think I got that figured out in my head. I think I can manage the DB-JSP connection but right now I'm stuck at authorization. Creating new users would be too much work and difficult to implement so I want to use AD. The app will be on the company server which all computers have access to. I have eclipse, MySQL and Tomcat set up, it all works fine but I can't seem to find what to do next. Google search results only get me half/old answers so I haven't been able to go from there. If you could point me in the right direction I'd much appreciate it.
 
Bartender
Posts: 1810
28
jQuery Netbeans IDE Eclipse IDE Firefox Browser MySQL Database Chrome Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Furkan Kor wrote: I think I can manage the DB-JSP connection


In the name of all that is holy, do not put Java code in your JSP files. We'll gladly show you the correct way to use servlets and DAO's.

Now, as for authorization. Our company intranet uses AD to authorize users, but it's code that's old and ugly.

I suggest you start here:

https://webmoli.com/2014/01/03/java-sample-active-directory-authentication-code/

https://docs.oracle.com/javase/tutorial/jndi/ldap/authentication.html

http://www.developerscrappad.com/963/java/jndi/java-jndi-ldap-windows-active-directory-authentication-organizational-unit-group-and-other-information-access/

Give it your best shot and post your code here. We'll help you work out the problems.

 
Furkan Kor
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for your response. I got a look at the guides you linked, I started with the first one but couldn't really get it to work. Skipped the second one and went with the third. I installed directory studio with some trouble here and there, after a while I finally got it to work but I got an error saying "No schema information returned by server, using default schema." Googled a little, found the same problem in different cases but people generally say the program works nevertheless. The thing is, when I run the program nothing happens. No error, nothing. I went back to the first link, imported with git. Started that one, nothing. I've only had one class at my university so I have very little knowledge/experience in servlets/jsp's. At the moment though I have no idea how to continue.

This is my code:



Username, pw etc. on the server are different than in the example of course but I'd expect to get an error because of that which doesn't happen.
 
J. Kevin Robbins
Bartender
Posts: 1810
28
jQuery Netbeans IDE Eclipse IDE Firefox Browser MySQL Database Chrome Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
A couple of things. What you are writing has nothing to do with web apps, JSP's, or Servlets. It's just a class with a main method. But that's okay. This gives you a way to test the code and later on it can be modified and called from a servlet.

Now on to the code itself. I haven't tried it yet, but will later. You say you aren't getting an error, but how do you know? Your catch block does nothing; it's just swallowing any errors. Change it to this:



I'd put something in the try block, too.



Now what happens when you run it?
 
Furkan Kor
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The part about JSP's and servlets was to "justify" my not understanding the problem and to sound less stupid if what I'm asking made no sense. Otherwise I know this is just a class. Leaving the try-catch empty was another stupid thing, should've known that as well. Anyway, I've added the parts you wrote and it's still the same. Run-Tomcat starts-nothing else. 1 warning that local variable ctx is not used and that's all.
 
J. Kevin Robbins
Bartender
Posts: 1810
28
jQuery Netbeans IDE Eclipse IDE Firefox Browser MySQL Database Chrome Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The more I look at this, the less I like it. HashTable is obsolete and shouldn't be used. I think SECURITY_PRINCIPAL should be in the form "domain/username".

I'm going to see how this compares to our AD validation. I'm also going to copy this thread to our security forum and see if we can get some more experienced help there.

But the first question is, how do you know your LDAP is working? It looks like you've setup a test server for the purpose of developing this app, so how do you know that it's correct?
 
Furkan Kor
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The more I read your comments the more I think I'm doing something completely wrong. I'll just explain the whole situation, guess that would be the easiest. I'm an intern at a firm. I know the LDAP works because it's currently in use. I can run queries on it etc. When I set up a new LDAP connection via Eclipse I could connect it with the server. However, I did get an error which I mentioned in my previous comment, the one about schema info. What I get in the LDAP browser is a Root DSE folder, when I open it I get a bunch of attributes and values. I hope that explains it.
 
J. Kevin Robbins
Bartender
Posts: 1810
28
jQuery Netbeans IDE Eclipse IDE Firefox Browser MySQL Database Chrome Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm still searching for help and testing some code, but these links might be helpful.

https://tnegri.com/2015/10/28/active-directory-authentication-in-java/

http://blogs.artinsoft.net/Mrojas/archive/2007/05/14/Active-Directory-LDAP-and-Java.aspx

https://mhimu.wordpress.com/2009/03/18/active-directory-authentication-using-javajndi/

http://myjeeva.com/querying-active-directory-using-java.html

http://www.adamretter.org.uk/blog/entries/LDAPTest.java

https://sites.google.com/site/ahammad/authenticating-users-with-windows-active-directory-from-java

Also, it appears that using the obsolete Hashtable is the only way to do it. It looks like the javax.naming. packages haven't been updated in a long time.

And using the name + "@" + domain is the correct way to format SECURITY_PRINCIPAL.
 
J. Kevin Robbins
Bartender
Posts: 1810
28
jQuery Netbeans IDE Eclipse IDE Firefox Browser MySQL Database Chrome Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Furkan Kor wrote:However, I did get an error which I mentioned in my previous comment, the one about schema info.


I missed this. What error message related to schema are you getting?
 
Furkan Kor
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
- No schema information returned by server, using default schema.
This is the error I'm getting. I'll take a look at those links. Thanks.
 
Furkan Kor
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Quick Update: I tried to fix the error with no success. Decided to switch to .NET. Got the LDAP connection working and connected to a database(printed content of a table). I've had to fix a bunch of errors along the way ofc. Next will be the design, handling multiple tables and finally authorization/roles. Thank you for all your help, J. Kevin Robbins.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic