java - 如何使用给定的LdapContext检查ldap中的用户密码? [英] How to check user password in ldap whith java with given LdapContext?

问题描述

我确实有一个网络应用程序，用户必须在其中登录.密码存储在 LDAP 服务器中.有关 LDAP 服务器的所有信息都作为外部 jndi 资源存储在应用程序服务器 (glassfish) 中.所以我的应用程序对 LDAP 服务器一无所知，只得到一个像这样的 LdapContext:

I do have a web-application, where users must log in. The password is stored in a LDAP server. All information about the LDAP server are stored in the application server (glassfish) as external jndi resource. So my application does no know anything about the LDAP server and only gets a LdapContext like this:

@Resource(name = "ldap/users")
private LdapContext ctx;

在这种情况下，很容易更改或读取为用户存储的信息，但我如何检查他们的密码?通常我会做一个新的连接来检查用户密码.像这样:

With this context it is easy to change or read the information stored for the users, but how do i check their passwords? Normally i would just do a new connection to check a users password. Like this:

Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial");

env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=S. User, ou=NewHires, o=JNDITutorial");
env.put(Context.SECURITY_CREDENTIALS, "mysecret");

DirContext ctx = new InitialDirContext(env);

但是由于我不知道 this 参数，所以我不能这样做.那么如何使用我的 LdapContext 检查用户的密码是否正确?密码是加密存储的(ssha)，所以我不能只比较属性.

But since i don't know the this parameters i can't do this. So how do i check if the password of a user is correct with my LdapContext? The passwords are stored encrypted (ssha) so i can not just compare the attributes.

谢谢拉斐尔

推荐答案

您应该能够从 ldap 上下文中获取环境，克隆它，然后为您要检查的用户放置主体和凭据:

You should be able to get the environment from the ldap context, clone it, and then put the principal and credentials for the user you want to check:

@Resource(name = "ldap/users")
private LdapContext ldapContext;

Hashtable environment = ldapContext.getEnvironment().clone();
environment.put(Context.SECURITY_PRINCIPAL, userDN);
environment.put(Context.SECURITY_CREDENTIALS, userPassword);

DirContext dirContext = new InitialDirContext(environment);

这篇关于java - 如何使用给定的LdapContext检查ldap中的用户密码?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！