
Wednesday, July 25, 2012

Java: Authentication and Connection with LDAP using JNDI


This will help you connect to LDAP using JNDI (Java Naming and Directory Interface). I used it to connect to IBM Tivoli Directory Server (TDS). The LDAP connection uses SSL, and you can modify it for non-SSL use as well. You can also authenticate a user of IBM Tivoli Directory Server (TDS). If the user exists, they will be authenticated; otherwise the given authentication method will throw an exception. I have used default values for the connection; you should change all values according to your environment settings.


import java.util.HashMap;
import java.util.Hashtable;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;

// this class is for LDAP Connection
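/**
 * Opens an LDAP connection through JNDI and verifies user credentials with a
 * simple bind.
 *
 * <p>Points a reviewer should be aware of when reusing this class:
 * <ul>
 *   <li>{@link #authenticateUser(String, String)} rejects a null or empty
 *       password <em>before</em> contacting the server. With simple
 *       authentication an empty password is an unauthenticated bind
 *       (RFC 4513 §5.1.2), which many directories accept, so forwarding it
 *       would report "authenticated" for any existing user name.</li>
 *   <li>The user name is escaped per RFC 4514 before it is spliced into the
 *       bind DN, so characters such as {@code ,}, {@code =} or {@code +}
 *       cannot change the structure of the DN.</li>
 *   <li>The trust-store settings are applied with {@code System.setProperty}
 *       and therefore affect every SSL client in the JVM.</li>
 *   <li>The default bind credentials below are placeholders from the
 *       original post; production code must load them from configuration or
 *       a secret store, never from source.</li>
 * </ul>
 *
 * <p>Not thread-safe: {@link #InitializeContext()} and {@link #CloseContext()}
 * share a single static context.
 */
public class LDAPConnection {
    // Shared context returned by InitializeContext(); null until a connection succeeds.
    private static InitialLdapContext ctx = null;
    // Environment of the last shared connection (kept for compatibility; see buildEnvironment).
    private static Hashtable<String, String> hashtable = null;

    // JNDI environment property names (same values as javax.naming.Context constants)
    private static String urlparam = "java.naming.provider.url";
    private static String usernameparam = "java.naming.security.principal";
    private static String passwordparam = "java.naming.security.credentials";
    private static String versionparam = "java.naming.ldap.version";
    private static String factory_initialparam = "java.naming.factory.initial";
    private static String authenticationparam = "java.naming.security.authentication";
    private static String protocolparam = "java.naming.security.protocol";
    private static String referralparam = "java.naming.referral";

    // Default values for the LDAP connection
    private static String url = "ldap://tameb:636";   // for non SSL use port '389'
    // TODO(config): placeholder service-account credentials from the original post;
    // replace with values read from configuration / a secret store before real use.
    private static String username = "cn=root";
    private static String password = "object00";
    private static String version = "3";
    private static String factory_initial = "com.sun.jndi.ldap.LdapCtxFactory";
    private static String authentication = "simple";
    private static String protocol = "ssl";
    // "follow" lets the client chase referrals, which may reach servers other than `url`.
    private static String referral = "follow";

    public static String base = "c=us";
    public static String realm = "cn=realm1";

    // Java trust-store properties consulted by the SSL handshake (SSL only)
    private static String truststoreparam = "javax.net.ssl.trustStore";
    private static String ts_passwordparam = "javax.net.ssl.trustStorePassword";

    // Trust store into which the LDAP server certificate has been imported (SSL only)
    private static String truststore = "/usr/java/jre1.6.0_30/lib/security/cacerts";
    private static String ts_password = "changeit";

    /**
     * Builds the JNDI environment for a simple bind as {@code principal}.
     *
     * <p>Also installs the trust-store system properties; this is a
     * process-wide side effect, not limited to this connection.
     *
     * @param principal   bind DN
     * @param credentials bind password (must not be empty, see authenticateUser)
     * @return a fresh environment table
     */
    private static Hashtable<String, String> buildEnvironment(String principal, String credentials) {
        System.setProperty(truststoreparam, truststore);
        System.setProperty(ts_passwordparam, ts_password);

        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(versionparam, version);
        env.put(factory_initialparam, factory_initial);
        env.put(authenticationparam, authentication);
        env.put(protocolparam, protocol);
        env.put(usernameparam, principal);
        env.put(passwordparam, credentials);
        env.put(referralparam, referral);
        env.put(urlparam, url);
        return env;
    }

    /**
     * Escapes one RDN attribute value per RFC 4514 so it can be embedded in a DN
     * without altering the DN's structure.
     *
     * <p>Escapes {@code \ , + " < > ; =} and NUL everywhere, and additionally a
     * leading {@code #} or space and a trailing space.
     *
     * @param value raw attribute value (for example a user-supplied login name)
     * @return the escaped value
     */
    static String escapeRdnValue(String value) {
        StringBuilder sb = new StringBuilder(value.length() + 8);
        int last = value.length() - 1;
        for (int i = 0; i <= last; i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                case ',':
                case '+':
                case '"':
                case '<':
                case '>':
                case ';':
                case '=':
                    sb.append('\\').append(c);
                    break;
                case '\0':
                    sb.append("\\00");
                    break;
                case ' ':
                    // only a leading or trailing space is significant
                    if (i == 0 || i == last) {
                        sb.append('\\');
                    }
                    sb.append(c);
                    break;
                case '#':
                    if (i == 0) {
                        sb.append('\\');
                    }
                    sb.append(c);
                    break;
                default:
                    sb.append(c);
            }
        }
        return sb.toString();
    }

    /**
     * Makes a failure visible on stderr instead of discarding it. There is no
     * logging framework in this snippet. Credentials are never part of the
     * message.
     */
    private static void report(String action, NamingException ex) {
        System.err.println("LDAP " + action + " failed: " + ex);
    }

    /**
     * Opens the shared connection with the default service-account credentials.
     * On failure the shared context is reset to null and the error is reported.
     */
    private static void setConnection() {
        try {
            hashtable = buildEnvironment(username, password);
            ctx = new InitialLdapContext(hashtable, null);
        } catch (NamingException ex) {
            ctx = null;   // do not leave a stale context behind
            report("connect", ex);
        }
    }

    /**
     * Opens (or re-opens) the shared LDAP connection.
     *
     * @return the connected context, or {@code null} when the connection failed
     */
    public static InitialLdapContext InitializeContext() {
        setConnection();
        return ctx;
    }

    /**
     * Closes the shared LDAP connection if one is open. Safe to call when no
     * connection was ever established.
     */
    public static void CloseContext() {
        if (ctx == null) {
            return;
        }
        try {
            ctx.close();
        } catch (NamingException ex) {
            report("close", ex);
        } finally {
            ctx = null;   // never hand out a closed context later
        }
    }

    /**
     * Verifies a user's password by binding to the directory as
     * {@code sn=<name>,<realm>,<base>}.
     *
     * <p>Uses a private, short-lived context so the shared context opened by
     * {@link #InitializeContext()} is left untouched, and closes it before
     * returning.
     *
     * @param name     login name; escaped before it is placed in the DN
     * @param password user password; null or empty is rejected without a bind
     * @return {@code true} only if the server accepted the bind
     */
    public static boolean authenticateUser(String name, String password) {
        // An empty password would turn the simple bind into an unauthenticated
        // (anonymous) bind that succeeds regardless of the real password.
        if (name == null || name.trim().isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        String bindDn = "sn=" + escapeRdnValue(name) + "," + realm + "," + base;
        InitialLdapContext userCtx = null;
        try {
            userCtx = new InitialLdapContext(buildEnvironment(bindDn, password), null);
            return true;
        } catch (NamingException ex) {
            report("authenticate " + bindDn, ex);
            return false;
        } finally {
            if (userCtx != null) {
                try {
                    userCtx.close();
                } catch (NamingException ignored) {
                    // the bind result is already known; nothing further to do
                }
            }
        }
    }
}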
