如何在给定LdapContext的ldap whith java中检查用户密码？ [英] How to check user password in ldap whith java with given LdapContext?

问题描述

我有一个Web应用程序，用户必须登录。密码存储在LDAP服务器中。有关LDAP服务器的所有信息都作为外部jndi资源存储在应用程序服务器（glassfish）中。所以我的应用程序对LDAP服务器一无所知，只得到这样的LdapContext：

I do have a web-application, where users must log in. The password is stored in a LDAP server. All information about the LDAP server are stored in the application server (glassfish) as external jndi resource. So my application does no know anything about the LDAP server and only gets a LdapContext like this:

@Resource(name = "ldap/users")
private LdapContext ctx;

使用此上下文可以轻松更改或读取为用户存储的信息，但我如何检查他们的密码？
通常我会做一个新连接来检查用户密码。像这样：

With this context it is easy to change or read the information stored for the users, but how do i check their passwords? Normally i would just do a new connection to check a users password. Like this:

Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial");

env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=S. User, ou=NewHires, o=JNDITutorial");
env.put(Context.SECURITY_CREDENTIALS, "mysecret");

DirContext ctx = new InitialDirContext(env);

但由于我不知道这个参数我不能这样做。那么如何使用我的LdapContext检查用户的密码是否正确？
密码以加密方式存储（ssha），所以我不能只比较属性。

But since i don't know the this parameters i can't do this. So how do i check if the password of a user is correct with my LdapContext? The passwords are stored encrypted (ssha) so i can not just compare the attributes.

谢谢
Raffael

Thanks Raffael

推荐答案

您应该能够从ldap上下文获取环境，克隆它，然后为您要检查的用户提供主体和凭据：

You should be able to get the environment from the ldap context, clone it, and then put the principal and credentials for the user you want to check:

@Resource(name = "ldap/users")
private LdapContext ldapContext;

Hashtable environment = ldapContext.getEnvironment().clone();
environment.put(Context.SECURITY_PRINCIPAL, userDN);
environment.put(Context.SECURITY_CREDENTIALS, userPassword);

DirContext dirContext = new InitialDirContext(environment);

这篇关于如何在给定LdapContext的ldap whith java中检查用户密码？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！