You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@directory.apache.org by "Cook, Lee (IS) (Contr)" <R....@ngc.com> on 2010/03/11 04:42:13 UTC

first small ldap java design

Hi,

Im new to LDAP Java and need to provide code for the following usecase.

Wondering if anyone might review my initial logic notes writen in novice terms

perhaps offer some advice, pseudo or even real LDAP Java code examples.

taking first baby steps...

Thks, Lee!

 

1- connect to the customer's LDAP Directory service

  LDAPAPI:  

   get a new InitialDirContext() with customer's LDAP Directory service

   hostname:port, Bind principal and Bind principal password

   ? supply base DN ?

    

2- authenticate simple mode LDAP username/password credentials

  LDAPAPI:

   uid = username,  userpassword = password

   ? user password stored in UNIX crypt format ?

   Bind ?

   Search user uid, userpassword?

    

3- if authenticated, retrieve membership of 3 possible role groups,

   and the personname attribute value

  LDAPAPI:

  Search and return attributes ?

  

4- Close the LDAP service connection

  LDAPAPI:

  Unbind 

 *

Re: first small ldap java design

Posted by Stefan Zoerner <st...@labeo.de>.

Cook, Lee (IS) (Contr) wrote:
> 2- authenticate simple mode LDAP username/password credentials
> 
>   LDAPAPI:
> 
>    uid = username,  userpassword = password
> 
>    ? user password stored in UNIX crypt format ?
> 
>    Bind ?
> 
>    Search user uid, userpassword?

It is very uncommon to search entries with a specific uid and password, 
because the password will in almost all cases not be readable.

Normally, you search an entry with a uid, and bind with the returned DN 
and the given password.

Note that a bind in JNDI is not a bind in LDAP. The bind in JNDI is an 
add in LDAP (just to reduce confusion).

Greetings from Hamburg,
     StefanZ

Re: first small ldap java design

Posted by Emmanuel Lecharny <el...@gmail.com>.

On 3/11/10 7:23 PM, Cook, Lee (IS) (Contr) wrote:
> a simpler question.
> if i authenticate by getting an InitialDirContext with a user as principal,
> how can i use the context to pull this users attributes?
> Context.getAttributes() expects a Name, confused...
>    
You should have a look at 
http://java.sun.com/products/jndi/tutorial/trailmap.html.--

Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com

RE: first small ldap java design

Posted by "Cook, Lee (IS) (Contr)" <R....@ngc.com>.

a simpler question.
if i authenticate by getting an InitialDirContext with a user as principal,
how can i use the context to pull this users attributes?
Context.getAttributes() expects a Name, confused...
Lee!

________________________________

From: Cook, Lee (IS) (Contr) [mailto:R.Lee.Cook@ngc.com]
Sent: Wed 3/10/2010 9:42 PM
To: users@directory.apache.org
Subject: first small ldap java design



Hi,

Im new to LDAP Java and need to provide code for the following usecase.

Wondering if anyone might review my initial logic notes writen in novice terms

perhaps offer some advice, pseudo or even real LDAP Java code examples.

taking first baby steps...

Thks, Lee!



1- connect to the customer's LDAP Directory service

  LDAPAPI: 

   get a new InitialDirContext() with customer's LDAP Directory service

   hostname:port, Bind principal and Bind principal password

   ? supply base DN ?

   

2- authenticate simple mode LDAP username/password credentials

  LDAPAPI:

   uid = username,  userpassword = password

   ? user password stored in UNIX crypt format ?

   Bind ?

   Search user uid, userpassword?

   

3- if authenticated, retrieve membership of 3 possible role groups,

   and the personname attribute value

  LDAPAPI:

  Search and return attributes ?

 

4- Close the LDAP service connection

  LDAPAPI:

  Unbind

 *