目錄:
- 概述
- 基本操作
[一]、概述
jldap 官網:http://www.openldap.org/jldap/
可以從官網下載源編譯生成jar包,如果項目是用maven構建的,在pom.xml中增加如下內容即可:
<groupId>com.novell.ldap</groupId>
<artifactId>jldap</artifactId>
[二]、基本操作
爲了演示基本的操作,需要搭建個LDAP服務,有關openLDAP在windows上的安裝配置可參見:http://www.micmiu.com/enterprise-app/sso/openldap-windows-config/ ,我配置好演示用的LDAP基本信息可見客戶端截圖:
1.查詢
java代碼:LDAPSearchDemo.java
1 |
package com.micmiu.ldap; |
3 |
import java.io.UnsupportedEncodingException; |
4 |
import java.util.Enumeration; |
5 |
import java.util.Iterator; |
7 |
import com.novell.ldap.LDAPAttribute; |
8 |
import com.novell.ldap.LDAPAttributeSet; |
9 |
import com.novell.ldap.LDAPConnection; |
10 |
import com.novell.ldap.LDAPEntry; |
11 |
import com.novell.ldap.LDAPException; |
12 |
import com.novell.ldap.LDAPSearchResults; |
13 |
import com.novell.ldap.util.Base64; |
21 |
/**
 * Demo: connects to an LDAP server, binds with a hard-coded DN and password,
 * searches the whole subtree under {@code searchBase} and prints every entry's
 * DN and attribute values to standard output.
 *
 * NOTE(review): this is an extracted copy of the listing. The "NN |" lines are
 * gutter residue, and the gutter numbers skip, so some original lines (for
 * example the {@code try} that pairs with the catch clauses, and the bodies of
 * several branches) are not visible here.
 */
public class
LDAPSearchDemo { |
27 |
/**
 * Runs the search demo; {@code args} is not read in the visible code.
 */
public
static void
main(String[] args) { |
29 |
// Connection target and bind identity are fixed values for the demo.
String ldapHost =
"localhost" ; |
30 |
String loginDN =
"cn=Manager,dc=micmiu,dc=com" ; |
31 |
// Bind password embedded in source. Outside a local demo it belongs in
// configuration or a secret store, not in the committed file.
String password =
"secret" ; |
32 |
String searchBase =
"dc=micmiu,dc=com" ; |
33 |
// Filter that matches every entry under searchBase.
String searchFilter =
"objectClass=*" ; |
35 |
// Default (non-SSL) LDAP port. No TLS setup is visible in this listing, so
// the simple bind below would send the password unencrypted.
// NOTE(review): acceptable against localhost; confirm before pointing this at a remote host.
int
ldapPort = LDAPConnection.DEFAULT_PORT; |
38 |
// Subtree scope: the base entry and everything beneath it.
int
searchScope = LDAPConnection.SCOPE_SUB; |
40 |
LDAPConnection lc =
new LDAPConnection(); |
42 |
lc.connect(ldapHost, ldapPort); |
43 |
// Simple bind as loginDN. The "UTF8" charset name is why
// UnsupportedEncodingException is caught further down.
lc.bind(LDAPConnection.LDAP_V3, loginDN, password.getBytes( "UTF8" )); |
44 |
// attrs == null requests all attributes and typesOnly == false returns their
// values, so whatever the bound identity may read is returned, including
// userPassword (visible in the sample output on this page). Passing an
// explicit attribute list limits what leaves the directory.
LDAPSearchResults searchResults = lc.search(searchBase, |
45 |
searchScope, searchFilter,
null , false ); |
47 |
while
(searchResults.hasMore()) { |
48 |
LDAPEntry nextEntry =
null ; |
50 |
// Fetching an entry can fail on its own; the catch below handles that case.
nextEntry = searchResults.next(); |
51 |
}
catch (LDAPException e) { |
52 |
System.out.println( "Error: "
+ e.toString()); |
53 |
// Timeout and connection errors are singled out from other result codes;
// the bodies of both branches are not visible in this listing.
if
(e.getResultCode() == LDAPException.LDAP_TIMEOUT |
54 |
|| e.getResultCode() == LDAPException.CONNECT_ERROR) { |
60 |
System.out.println( "DN =: "
+ nextEntry.getDN()); |
61 |
System.out.println( "|---- Attributes list: " ); |
62 |
LDAPAttributeSet attributeSet = nextEntry.getAttributeSet(); |
63 |
Iterator<LDAPAttribute> allAttributes = attributeSet.iterator(); |
64 |
while
(allAttributes.hasNext()) { |
65 |
LDAPAttribute attribute = allAttributes.next(); |
66 |
String attributeName = attribute.getName(); |
68 |
Enumeration<String> allValues = attribute.getStringValues(); |
69 |
// Guard for an attribute with no string values; the branch body is not visible here.
if
( null
== allValues) { |
72 |
while
(allValues.hasMoreElements()) { |
73 |
String value = allValues.nextElement(); |
74 |
// Values that are not LDIF-safe are Base64-encoded before being printed.
if
(!Base64.isLDIFSafe(value)) { |
76 |
// getBytes() without an argument uses the platform default charset, unlike
// the explicit "UTF8" used for the bind password above.
value = Base64.encode(value.getBytes()); |
78 |
// Every value is printed as-is, password attributes included.
System.out.println( "|---- ---- "
+ attributeName |
84 |
}
catch (LDAPException e) { |
85 |
System.out.println( "Error: "
+ e.toString()); |
86 |
}
catch (UnsupportedEncodingException e) {|
87 |
System.out.println( "Error: "
+ e.toString()); |
90 |
// Cleanup path: acts only while the connection is still open. The action
// itself and the handling in the final catch are not visible here.
if
(lc.isConnected()) { |
93 |
}
catch (Exception e) { |
運行結果:
DN =: dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = micmiu
|---- ---- o = Michael Blog
|---- ---- objectClass = domain
|---- ---- objectClass = top
DN =: ou=Developer,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for developer entries
|---- ---- ou = Developer
|---- ---- objectClass = organizationalUnit
DN =: ou=Tester,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for test entries
|---- ---- ou = Tester
|---- ---- objectClass = organizationalUnit
DN =: uid=Michael,ou=Developer,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = Michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = [email protected]
|---- ---- objectClass = inetOrgPerson
DN =: uid=Miumiu,ou=Tester,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = Miumiu
|---- ---- sn = Wu
|---- ---- cn = Miumiu Wu
|---- ---- objectClass = inetOrgPerson
DN =: dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = app1
|---- ---- o = Michael Demo
|---- ---- objectClass = domain
DN =: dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- dc = app2
|---- ---- o = Michael Demo
|---- ---- objectClass = domain
DN =: ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for Demo entries
|---- ---- ou = Developer
|---- ---- ou = Demo
|---- ---- objectClass = organizationalUnit
DN =: ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- description = Container for Demo entries
|---- ---- ou = Developer
|---- ---- ou = Demo
|---- ---- objectClass = organizationalUnit
DN =: uid=michael,ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = [email protected]
|---- ---- objectClass = inetOrgPerson
DN =: uid=hazel,ou=Demo,dc=app1,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = hazel
|---- ---- sn = Wu
|---- ---- cn = Hazel Wu
|---- ---- objectClass = inetOrgPerson
DN =: uid=michael,ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = michael
|---- ---- sn = Sun
|---- ---- cn = Michael Sun
|---- ---- mail = [email protected]
|---- ---- objectClass = inetOrgPerson
DN =: uid=hazel,ou=Demo,dc=app2,dc=micmiu,dc=com
|---- Attributes list:
|---- ---- userPassword = 111111
|---- ---- labeledURI = http://www.micmiu.com
|---- ---- uid = hazel
|---- ---- sn = Wu
|---- ---- cn = Hazel Wu
|---- ---- objectClass = inetOrgPerson
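查詢結果和客戶端查詢出的信息一致。需要留意的是,由於是以 cn=Manager 綁定,且 search 的屬性參數傳入 null(返回全部屬性),結果中包含了以明文顯示的 userPassword;實際應用中應只請求所需的屬性,並讓目錄以雜湊形式保存密碼。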
2.添加
java代碼:LDAPAddEntry.java
1 |
package com.micmiu.ldap; |
3 |
import java.io.UnsupportedEncodingException; |
5 |
import com.novell.ldap.LDAPAttribute; |
6 |
import com.novell.ldap.LDAPAttributeSet; |
7 |
import com.novell.ldap.LDAPConnection; |
8 |
import com.novell.ldap.LDAPEntry; |
9 |
import com.novell.ldap.LDAPException; |
18 |
/**
 * Demo: builds the attribute set for a new entry {@code uid=addnew} under
 * {@code ou=Developer}, then connects and binds with a hard-coded DN and
 * password and reports success.
 *
 * NOTE(review): this is an extracted copy of the listing. The "NN |" lines are
 * gutter residue and the gutter numbers skip; among the lines not visible are
 * the {@code try}, the call that actually adds the entry, and the ends of two
 * attribute statements.
 */
public class
LDAPAddEntry { |
24 |
/**
 * Runs the add demo; {@code args} is not read in the visible code.
 */
public
static void
main(String[] args) { |
26 |
String ldapHost =
"localhost" ; |
27 |
String loginDN =
"cn=Manager,dc=micmiu,dc=com" ; |
28 |
// Bind password embedded in source. Outside a local demo it belongs in
// configuration or a secret store, not in the committed file.
String password =
"secret" ; |
29 |
String containerName =
"dc=micmiu,dc=com" ; |
31 |
// Default (non-SSL) LDAP port. No TLS setup is visible in this listing, so
// the simple bind and the new entry's userPassword would travel unencrypted.
// NOTE(review): acceptable against localhost; confirm before using a remote host.
int
ldapPort = LDAPConnection.DEFAULT_PORT; |
32 |
int
ldapVersion = LDAPConnection.LDAP_V3; |
33 |
LDAPConnection lc =
new LDAPConnection(); |
34 |
LDAPAttributeSet attributeSet =
new LDAPAttributeSet(); |
36 |
// The rest of this statement (the objectclass value) is not visible in the listing.
attributeSet.add( new
LDAPAttribute( "objectclass" ,
new String( |
38 |
attributeSet.add( new
LDAPAttribute( "cn" ,
"Wukong Sun" )); |
39 |
attributeSet.add( new
LDAPAttribute( "sn" ,
"Sun" )); |
41 |
// The labeledURI value is on a line that is not visible in the listing.
attributeSet.add( new
LDAPAttribute( "labeledURI" , |
43 |
// The password is handed to the directory as a cleartext string.
// NOTE(review): the search output on this page shows userPassword values in
// clear, so presumably nothing hashes them on the server; confirm, and
// prefer storing a salted hash.
attributeSet.add( new
LDAPAttribute( "userPassword" ,
"111111" )); |
44 |
attributeSet.add( new
LDAPAttribute( "uid" ,
"addnew" )); |
45 |
// DN of the new entry: uid=addnew under ou=Developer of containerName.
String dn =
"uid=addnew,ou=Developer," +containerName; |
46 |
LDAPEntry newEntry =
new LDAPEntry(dn, attributeSet); |
48 |
lc.connect(ldapHost, ldapPort); |
49 |
// Simple bind as loginDN. The "UTF8" charset name is why
// UnsupportedEncodingException is caught further down.
lc.bind(ldapVersion, loginDN, password.getBytes( "UTF8" )); |
50 |
System.out.println( "login ldap server successfully." ); |
52 |
// Success message. The call that sends newEntry to the server sits on a
// line that is not visible in this listing.
System.out.println( "Added object: "
+ dn + " successfully." ); |
53 |
}
// The body of this handler is not visible in the listing.
catch (LDAPException e) { |
55 |
}
catch (UnsupportedEncodingException e) {|
56 |
System.out.println( "Error: "
+ e.toString()); |
59 |
// Cleanup path: acts only while the connection is still open. The action
// itself and the handling in the final catch are not visible here.
if
(lc.isConnected()) { |
62 |
}
catch (Exception e) { |
運行結果:
login ldap server successfully.
Added object: uid=addnew,ou=Developer,dc=micmiu,dc=com successfully.
客戶端刷新後的截圖:
3.刪除
java代碼:LDAPDeleteEntry.java
1 |
package com.micmiu.ldap; |
3 |
import java.io.UnsupportedEncodingException; |
5 |
import com.novell.ldap.LDAPConnection; |
6 |
import com.novell.ldap.LDAPException; |
15 |
/**
 * Demo: connects, binds with a hard-coded DN and password, and reports the
 * deletion of the entry named by {@code deleteDN}, mapping two LDAP result
 * codes to specific error messages.
 *
 * NOTE(review): this is an extracted copy of the listing. The "NN |" lines are
 * gutter residue and the gutter numbers skip; among the lines not visible are
 * the {@code try} and the call that actually deletes the entry.
 */
public class
LDAPDeleteEntry { |
20 |
/**
 * Runs the delete demo; {@code args} is not read in the visible code.
 */
public
static void
main(String[] args) { |
22 |
String ldapHost =
"localhost" ; |
23 |
String loginDN =
"cn=Manager,dc=micmiu,dc=com" ; |
24 |
// Bind password embedded in source. Outside a local demo it belongs in
// configuration or a secret store, not in the committed file.
String password =
"secret" ; |
25 |
// Target of the deletion, fixed in source.
String deleteDN =
"uid=addnew,ou=Developer,dc=micmiu,dc=com" ; |
27 |
// Default (non-SSL) LDAP port. No TLS setup is visible in this listing, so
// the simple bind below would send the password unencrypted.
// NOTE(review): acceptable against localhost; confirm before using a remote host.
int
ldapPort = LDAPConnection.DEFAULT_PORT; |
28 |
int
ldapVersion = LDAPConnection.LDAP_V3; |
29 |
LDAPConnection lc =
new LDAPConnection(); |
31 |
lc.connect(ldapHost, ldapPort); |
32 |
// Simple bind as loginDN. The "UTF8" charset name is why
// UnsupportedEncodingException is caught further down.
lc.bind(ldapVersion, loginDN, password.getBytes( "UTF8" )); |
35 |
// Success message. The call that removes deleteDN sits on a line that is
// not visible in this listing.
System.out.println( " delete Entry: "
+ deleteDN + " success." ); |
37 |
}
catch (LDAPException e) { |
38 |
// A missing entry and insufficient access rights get their own messages;
// the last println in this handler reports any other LDAPException
// (the else that introduces it is not visible here).
if
(e.getResultCode() == LDAPException.NO_SUCH_OBJECT) { |
39 |
System.err.println( "Error: No such object" ); |
40 |
}
else if
(e.getResultCode() == LDAPException.INSUFFICIENT_ACCESS_RIGHTS) { |
41 |
System.err.println( "Error: Insufficient rights" ); |
43 |
System.err.println( "Error: "
+ e.toString()); |
45 |
}
catch (UnsupportedEncodingException e) {|
46 |
System.out.println( "Error: "
+ e.toString()); |
49 |
// Cleanup path: acts only while the connection is still open. The action
// itself and the handling in the final catch are not visible here.
if
(lc.isConnected()) { |
52 |
}
catch (Exception e) { |
運行結果:
delete Entry: uid=addnew,ou=Developer,dc=micmiu,dc=com success.
在刷新客戶端後發現剛新增加的條目:addnew 已經被刪除了。
4.修改屬性
java代碼:LDAPModifyAttrs.java
1 |
package com.micmiu.ldap; |
3 |
import java.io.UnsupportedEncodingException; |
4 |
import java.util.ArrayList; |
8 |
import com.novell.ldap.LDAPAttribute; |
9 |
import com.novell.ldap.LDAPConnection; |
10 |
import com.novell.ldap.LDAPException; |
11 |
import com.novell.ldap.LDAPModification; |
20 |
/**
 * Demo: collects four attribute modifications for the entry named by
 * {@code modifyDN} (two adds, one replace, one delete) and sends them to the
 * server in a single {@code modify} call after binding with a hard-coded DN
 * and password.
 *
 * NOTE(review): this is an extracted copy of the listing. The "NN |" lines are
 * gutter residue and the gutter numbers skip; among the lines not visible are
 * the {@code try}, the receiver of the final {@code .println(...)}, and the
 * imports for {@code List} and {@code Date}, which the code uses.
 */
public class
LDAPModifyAttrs { |
25 |
/**
 * Runs the modify demo; {@code args} is not read in the visible code.
 */
public
static void
main(String[] args) { |
27 |
String ldapHost =
"localhost" ; |
28 |
String loginDN =
"cn=Manager,dc=micmiu,dc=com" ; |
29 |
// Bind password embedded in source. Outside a local demo it belongs in
// configuration or a secret store, not in the committed file.
String password =
"secret" ; |
30 |
// Entry whose attributes are changed, fixed in source.
String modifyDN =
"uid=Michael,ou=Developer,dc=micmiu,dc=com" ; |
32 |
// Default (non-SSL) LDAP port. No TLS setup is visible in this listing, so
// the simple bind below would send the password unencrypted.
// NOTE(review): acceptable against localhost; confirm before using a remote host.
int
ldapPort = LDAPConnection.DEFAULT_PORT; |
33 |
int
ldapVersion = LDAPConnection.LDAP_V3; |
34 |
LDAPConnection lc =
new LDAPConnection(); |
36 |
List<LDAPModification> modList =
new ArrayList<LDAPModification>(); |
39 |
// ADD: a description value carrying the current date and time.
String desc =
"This object was modified at "
+ new Date(); |
40 |
LDAPAttribute attribute =
new LDAPAttribute( "description" , desc); |
41 |
modList.add( new
LDAPModification(LDAPModification.ADD, attribute)); |
43 |
// ADD: a telephoneNumber value.
attribute =
new LDAPAttribute( "telephoneNumber" ,
"180-8888-xxxx" ); |
44 |
modList.add( new
LDAPModification(LDAPModification.ADD, attribute)); |
47 |
// REPLACE: labeledURI is set to this single value.
attribute =
new LDAPAttribute( "labeledURI" ,
"www.micmiu.com" ); |
48 |
modList.add( new
LDAPModification(LDAPModification.REPLACE, attribute)); |
51 |
// DELETE with an attribute that carries no values: removes the whole mail attribute.
attribute =
new LDAPAttribute( "mail" ); |
52 |
modList.add( new
LDAPModification(LDAPModification.DELETE, attribute)); |
54 |
// Copy the list into the array form that modify() takes. The cast is
// redundant, since toArray(T[]) already returns LDAPModification[].
LDAPModification[] mods =
new LDAPModification[modList.size()]; |
55 |
mods = (LDAPModification[]) modList.toArray(mods); |
58 |
lc.connect(ldapHost, ldapPort); |
59 |
// Simple bind as loginDN. The "UTF8" charset name is why
// UnsupportedEncodingException is caught further down.
lc.bind(ldapVersion, loginDN, password.getBytes( "UTF8" )); |
60 |
// All four modifications go to the server in one request.
lc.modify(modifyDN, mods); |
62 |
// The receiver of this call (the line before it) is not visible in the listing.
.println( "LDAPAttribute add、replace、delete all successful." ); |
63 |
}
// The body of this handler is not visible in the listing.
catch (LDAPException e) { |
65 |
}
catch (UnsupportedEncodingException e) {|
66 |
System.out.println( "Error: "
+ e.toString()); |
69 |
// Cleanup path: acts only while the connection is still open. The action
// itself and the handling in the final catch are not visible here.
if
(lc.isConnected()) { |
72 |
}
catch (Exception e) { |
修改後客戶端查詢到的信息截圖如下:
5.驗證密碼
java代碼:LDAPVerifyPassword.java
1 |
package com.micmiu.ldap; |
3 |
import java.io.UnsupportedEncodingException; |
5 |
import com.novell.ldap.LDAPAttribute; |
6 |
import com.novell.ldap.LDAPConnection; |
7 |
import com.novell.ldap.LDAPException; |
16 |
/**
 * Demo: binds with a hard-coded manager DN and password, then uses an LDAP
 * compare on the {@code userPassword} attribute of {@code verifyDN} and prints
 * whether the server reported a match.
 *
 * NOTE(review): this is an extracted copy of the listing. The "NN |" lines are
 * gutter residue and the gutter numbers skip; among the lines not visible are
 * the {@code try} and the end of the statement that builds the compared
 * attribute.
 */
public class
LDAPVerifyPassword { |
21 |
/**
 * Runs the password-compare demo; {@code args} is not read in the visible code.
 */
public
static void
main(String[] args) { |
23 |
String ldapHost =
"localhost" ; |
24 |
String loginDN =
"cn=Manager,dc=micmiu,dc=com" ; |
25 |
// Bind password embedded in source. Outside a local demo it belongs in
// configuration or a secret store, not in the committed file.
String password =
"secret" ; |
26 |
String verifyDN =
"uid=Michael,ou=Developer,dc=micmiu,dc=com" ; |
27 |
// Candidate password to check, also fixed in source for the demo.
String verifyPassword =
"111111" ; |
29 |
// Default (non-SSL) LDAP port. No TLS setup is visible in this listing, so
// both the bind password and the compared password would travel unencrypted.
// NOTE(review): acceptable against localhost; confirm before using a remote host.
int
ldapPort = LDAPConnection.DEFAULT_PORT; |
31 |
int
ldapVersion = LDAPConnection.LDAP_V3; |
32 |
LDAPConnection lc =
new LDAPConnection(); |
35 |
lc.connect(ldapHost, ldapPort); |
36 |
// Simple bind as loginDN. The "UTF8" charset name is why
// UnsupportedEncodingException is caught further down.
lc.bind(ldapVersion, loginDN, password.getBytes( "UTF8" )); |
37 |
// Attribute value to compare; the rest of this statement is not visible in
// the listing (presumably it carries verifyPassword; confirm).
LDAPAttribute attr =
new LDAPAttribute( "userPassword" , |
39 |
// Asks the server whether verifyDN holds this attribute value. The check
// runs under the manager bind, not as the user being verified.
// NOTE(review): binding as verifyDN with the candidate password is the
// usual way to verify a credential and does not depend on how the
// directory stores userPassword; confirm which one the deployment needs.
boolean
correct = lc.compare(verifyDN, attr); |
40 |
System.out.println(correct ?
"The password is correct.^_^" |
41 |
:
"The password is incorrect.!!!" ); |
42 |
}
catch (LDAPException e) { |
44 |
// A missing entry and a missing attribute get their own messages; the last
// println in this handler reports any other LDAPException (the else that
// introduces it is not visible here). This is fine for a console demo, but
// a login path would normally return one generic failure so callers cannot
// tell which accounts exist.
if
(e.getResultCode() == LDAPException.NO_SUCH_OBJECT) { |
45 |
System.err.println( "Error: No such entry" ); |
46 |
}
else if
(e.getResultCode() == LDAPException.NO_SUCH_ATTRIBUTE) { |
47 |
System.err.println( "Error: No such attribute" ); |
49 |
System.err.println( "Error: "
+ e.toString()); |
51 |
}
catch (UnsupportedEncodingException e) {|
52 |
System.err.println( "Error: "
+ e.toString()); |
55 |
// Cleanup path: acts only while the connection is still open. The action
// itself and the handling in the final catch are not visible here.
if
(lc.isConnected()) { |
58 |
}
catch (Exception e) { |
運行結果:
The password is correct.^_^
驗證密碼成功。這裏是以 cn=Manager 綁定後用 compare 比對 userPassword 屬性值;實際應用中更常見的做法是直接以待驗證用戶的 DN 和密碼執行 bind,由服務器完成驗證。
—-