在Windows上使用登录的用户查询Java中的Active Directory [英] Query Active Directory in Java using a logged on user on windows
问题描述
如何使用Windows中当前登录的用户来查询Java中的活动目录?
How do I query the active directory in Java using the current logged on user in windows?
这可以通过将C ++与ldap_bind_s一起使用并在凭据中传递null来实现. 它使您可以使用当前登录的用户绑定到AD并查询AD,但在Java中找不到等效的对象.
This is possible using C++ with ldap_bind_s and passing null in the credential. It lets you bind to the AD with the current logged on user and query AD but I could not find its equivalent in Java.
我在其他地方看到可以使用kerberos,但是kerberos强迫我为用户生成一个密钥表文件,并使用它使用GSSAPI与AD进行通信.我想避免要求用户生成密钥表文件.
I saw at other places that I can use kerberos but kerberos forces me to generate a keytab file for the user and uses it to communicate with AD using GSSAPI. I want to avoid asking users to generate keytab file.
我看到NTLMLoginModule可以让您登录而无需任何类型的keytab文件或凭据,但是同样没有使用NTLMLoginModule绑定到AD的Java库.
I see that NTLMLoginModule lets you login without asking for any kind of keytab file or credential but then again there is no java library for binding to AD using the NTLMLoginModule.
同样,我正在寻找仅针对AD的解决方案,而不是通用LDAP解决方案.我知道通用的LDAP解决方案无法以这种方式工作.
Again, I am looking for a solution only for AD and not a generic LDAP solution. I know that a generic LDAP solution will not work this way.
推荐答案
我要离开 Jespa库.或者,您可以使用由
I'm going off of this guy's post. You can go with the commercial Jespa library, which uses NTLMv2. Or you can go with the open source com4j project that uses ADSI, created by Kohsuke Kawaguchi.
这篇关于在Windows上使用登录的用户查询Java中的Active Directory的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
