Java tutorial
/** * IntelliGID, Open Source Enterprise Search * Copyright (C) 2010 DocuLibre inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ package com.constellio.model.services.users.sync; /** * ldapfastbind.java * * Sample JNDI application to use Active Directory LDAP_SERVER_FAST_BIND connection control * */ import java.util.Hashtable; import javax.naming.AuthenticationException; import javax.naming.Context; import javax.naming.NamingException; import javax.naming.ldap.Control; import javax.naming.ldap.InitialLdapContext; import javax.naming.ldap.LdapContext; import org.apache.commons.lang3.StringUtils; @SuppressWarnings("serial") class FastBindConnectionControl implements Control { public byte[] getEncodedValue() { return null; } public String getID() { return "1.2.840.113556.1.4.1781"; } public boolean isCritical() { return true; } } @SuppressWarnings("rawtypes") public class LDAPFastBind { public Hashtable env = null; public LdapContext ctx = null; public Control[] connCtls = null; @SuppressWarnings("unchecked") public LDAPFastBind(String ldapurl, Boolean followReferences, boolean activeDirectory) { env = new Hashtable(); //This can make LDAP search slow : http://stackoverflow.com/questions/16412236/how-to-resolve-javax-naming-partialresultexception //env.put(Context.REFERRAL, "follow"); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.PROVIDER_URL, ldapurl); env.put("java.naming.ldap.attributes.binary", "tokenGroups objectSid"); if (followReferences) { env.put(Context.REFERRAL, "follow"); } if (StringUtils.startsWith(ldapurl, "ldaps")) { //env.put(Context.SECURITY_PROTOCOL, "ssl"); env.put("java.naming.ldap.factory.socket", "com.constellio.model.services.users.sync.ldaps.DummySSLSocketFactory"); } if (activeDirectory) { connCtls = new Control[] { new FastBindConnectionControl() }; } else { connCtls = new Control[] {}; } //first time we initialize the context, no credentials are supplied //therefore it is an anonymous bind. /*try { ctx = new InitialLdapContext(env, connCtls); } catch (NamingException e) { throw new RuntimeNamingException(e.getMessage()); }*/ //FIX de Vincent pour o a q try { ctx = new InitialLdapContext(env, connCtls); } catch (NamingException e) { if (activeDirectory) { connCtls = new Control[] {}; try { ctx = new InitialLdapContext(env, connCtls); } catch (NamingException e2) { throw new RuntimeException(e); } } else { throw new RuntimeException(e); } } } public boolean authenticate(String username, String password) { try { ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, username); ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password); ctx.reconnect(connCtls); // System.out.println(username + " is authenticated"); return true; } catch (AuthenticationException e) { // System.out.println(username + " is not authenticated"); return false; } catch (NamingException e) { // System.out.println(username + " is not authenticated"); return false; } } public void close() { try { ctx.close(); } catch (NamingException e) { throw new RuntimeNamingException(e.getMessage()); } } }