You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by "Cook, Lee (IS) (Contr)" <R....@ngc.com> on 2010/03/11 04:42:13 UTC
first small ldap java design
Hi,
Im new to LDAP Java and need to provide code for the following usecase.
Wondering if anyone might review my initial logic notes writen in novice terms
perhaps offer some advice, pseudo or even real LDAP Java code examples.
taking first baby steps...
Thks, Lee!
1- connect to the customer's LDAP Directory service
LDAPAPI:
get a new InitialDirContext() with customer's LDAP Directory service
hostname:port, Bind principal and Bind principal password
? supply base DN ?
2- authenticate simple mode LDAP username/password credentials
LDAPAPI:
uid = username, userpassword = password
? user password stored in UNIX crypt format ?
Bind ?
Search user uid, userpassword?
3- if authenticated, retrieve membership of 3 possible role groups,
and the personname attribute value
LDAPAPI:
Search and return attributes ?
4- Close the LDAP service connection
LDAPAPI:
Unbind
*
Re: first small ldap java design
Posted by Stefan Zoerner <st...@labeo.de>.
Cook, Lee (IS) (Contr) wrote:
> 2- authenticate simple mode LDAP username/password credentials
>
> LDAPAPI:
>
> uid = username, userpassword = password
>
> ? user password stored in UNIX crypt format ?
>
> Bind ?
>
> Search user uid, userpassword?
It is very uncommon to search entries with a specific uid and password,
because the password will in almost all cases not be readable.
Normally, you search an entry with a uid, and bind with the returned DN
and the given password.
Note that a bind in JNDI is not a bind in LDAP. The bind in JNDI is an
add in LDAP (just to reduce confusion).
Greetings from Hamburg,
StefanZ
Re: first small ldap java design
Posted by Emmanuel Lecharny <el...@gmail.com>.
On 3/11/10 7:23 PM, Cook, Lee (IS) (Contr) wrote:
> a simpler question.
> if i authenticate by getting an InitialDirContext with a user as principal,
> how can i use the context to pull this users attributes?
> Context.getAttributes() expects a Name, confused...
>
You should have a look at
http://java.sun.com/products/jndi/tutorial/trailmap.html.--
Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com
RE: first small ldap java design
Posted by "Cook, Lee (IS) (Contr)" <R....@ngc.com>.
a simpler question.
if i authenticate by getting an InitialDirContext with a user as principal,
how can i use the context to pull this users attributes?
Context.getAttributes() expects a Name, confused...
Lee!
________________________________
From: Cook, Lee (IS) (Contr) [mailto:R.Lee.Cook@ngc.com]
Sent: Wed 3/10/2010 9:42 PM
To: users@directory.apache.org
Subject: first small ldap java design
Hi,
Im new to LDAP Java and need to provide code for the following usecase.
Wondering if anyone might review my initial logic notes writen in novice terms
perhaps offer some advice, pseudo or even real LDAP Java code examples.
taking first baby steps...
Thks, Lee!
1- connect to the customer's LDAP Directory service
LDAPAPI:
get a new InitialDirContext() with customer's LDAP Directory service
hostname:port, Bind principal and Bind principal password
? supply base DN ?
2- authenticate simple mode LDAP username/password credentials
LDAPAPI:
uid = username, userpassword = password
? user password stored in UNIX crypt format ?
Bind ?
Search user uid, userpassword?
3- if authenticated, retrieve membership of 3 possible role groups,
and the personname attribute value
LDAPAPI:
Search and return attributes ?
4- Close the LDAP service connection
LDAPAPI:
Unbind
*