
Java_基本LDAP操作


 

      一、简介

  Lightweight Directory Access Protocol (LDAP),即轻型目录访问协议,是一个访问在线目录服务的协议。下面的例子简单介绍在Java中对LDAP的增删改查功能。目录结构为:

  DC=CAS,DC=MYDC

  --cn=users

  ----uid=zhangsan

  二、示例

  1、通过LdapContext连接ldap

  [java]

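  /**
   * Opens an authenticated connection to the LDAP server through the JNDI LDAP provider.
   *
   * <p>The URL, bind DN and password are tutorial placeholders. Real code should read them
   * from configuration or a secret store instead of compiling a directory administrator
   * password into the class.
   *
   * @return a bound {@link LdapContext}; the caller must call {@code close()} on it when done
   * @throws NamingException if the server cannot be reached or the bind is rejected
   */
  public LdapContext connetLDAP() throws NamingException {
    // Connection settings (placeholders).
    String ldapFactory = "com.sun.jndi.ldap.LdapCtxFactory";
    // The original literal "ldap:/IP:port" had a single slash and is not a valid LDAP URL.
    String ldapUrl = "ldap://IP:port";
    String ldapAccount = "cn=root"; // bind DN
    String ldapPwd = "password"; // bind password

    // Typed table instead of a raw Hashtable, so no @SuppressWarnings is needed.
    Hashtable<String, Object> env = new Hashtable<String, Object>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, ldapFactory);
    env.put(Context.PROVIDER_URL, ldapUrl);

    // "simple" authentication sends the bind DN and password as-is. Over a plain ldap://
    // URL they cross the network unencrypted; use an ldaps:// URL or StartTLS so the
    // bind is protected in transit.
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, ldapAccount);
    env.put(Context.SECURITY_CREDENTIALS, ldapPwd);

    // NOTE(review): with "follow" the provider chases referrals returned by the server
    // automatically and, as far as the JNDI documentation describes, reuses this
    // environment (including the credentials) for the referred server. Confirm that
    // every server the directory can refer to is trusted, or use "ignore"/"throw".
    env.put("java.naming.referral", "follow");

    // No connection request controls are supplied.
    return new InitialLdapContext(env, null);
  }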

  2、增加用户zhangsan

  [java]

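  /**
   * Adds the sample user entry {@code uid=zhangsan} under {@code cn=users,dc=cas,dc=mydc}.
   *
   * @throws Exception if the connection fails or the directory rejects the new entry
   */
  public void testAdd() throws Exception {
    LdapContext ctx = connetLDAP();
    try {
      // true = attribute IDs are matched case-insensitively.
      Attributes attrs = new BasicAttributes(true);

      // Object classes of the new entry.
      Attribute objclass = new BasicAttribute("objectclass");
      String[] attrObjectClassPerson = { "inetOrgPerson", "organizationalPerson", "person", "top" };
      Arrays.sort(attrObjectClassPerson);
      for (String ocp : attrObjectClassPerson) {
        objclass.add(ocp);
      }
      attrs.put(objclass);

      String uid = "zhangsan";
      // The DN is assembled by string concatenation. That is safe for this constant, but a
      // uid taken from user input must be escaped first (for example with
      // javax.naming.ldap.Rdn.escapeValue), otherwise characters such as ',' or '+' change
      // the structure of the DN.
      String userDN = "uid=" + uid + "," + "cn=users,dc=cas,dc=mydc";

      // "uid" is not put as an attribute here; the original left that line commented out
      // and the value is carried only by the RDN of userDN.
      attrs.put("cn", uid);
      attrs.put("sn", uid);
      attrs.put("displayName", "张三");
      attrs.put("mail", "abc@163.com");
      // NOTE(review): an empty attribute value; some directory servers may reject it.
      attrs.put("description", "");

      // Password handling: the value is sent as the plain UTF-8 bytes of a hard-coded
      // password. Whether it is stored hashed depends on the server's password policy
      // (not visible here), and over ldap:// it travels unencrypted.
      attrs.put("userPassword", "Passw0rd".getBytes("UTF-8"));

      ctx.createSubcontext(userDN, attrs);
    } finally {
      // Release the connection even when the add fails; the original never closed it.
      ctx.close();
    }
  }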

  3、删除用户zhangsan

  [java]

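  /**
   * Deletes the sample user entry {@code uid=zhangsan,cn=users,dc=cas,dc=mydc}.
   *
   * @throws Exception if the connection fails or the directory refuses the delete
   */
  public void testRemove() throws Exception {
    LdapContext ctx = connetLDAP();
    try {
      String uid = "zhangsan";
      // Built by concatenation; escape the uid first if it ever comes from user input,
      // since a crafted value could otherwise name a different entry to delete.
      String userDN = "uid=" + uid + "," + "cn=users,dc=cas,dc=mydc";
      ctx.destroySubcontext(userDN);
    } finally {
      // Release the connection even when the delete fails; the original never closed it.
      ctx.close();
    }
  }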

  4、修改zhangsan的邮件地址

  [java]

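  /**
   * Replaces the {@code mail} attribute of the sample user {@code zhangsan}.
   *
   * @return {@code true} whenever the modification completes without an exception; failures
   *     are reported by the thrown exception, never by {@code false}
   * @throws Exception if the connection fails or the directory rejects the modification
   */
  public boolean testModify() throws Exception {
    LdapContext ctx = connetLDAP();
    try {
      String uid = "zhangsan";
      // Built by concatenation; escape the uid first if it ever comes from user input.
      String userDN = "uid=" + uid + "," + "cn=users,dc=cas,dc=mydc";

      // true = attribute IDs are matched case-insensitively.
      Attributes attrs = new BasicAttributes(true);
      attrs.put("mail", "zhangsan@163.com");

      // REPLACE_ATTRIBUTE overwrites the existing values of every attribute in attrs.
      ctx.modifyAttributes(userDN, DirContext.REPLACE_ATTRIBUTE, attrs);
      return true;
    } finally {
      // Release the connection even when the modify fails; the original never closed it.
      ctx.close();
    }
  }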

  5、查找用户

  [java]

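  /**
   * Searches {@code cn=users,dc=cas,dc=mydc} for the sample user {@code zhangsan} and prints
   * every returned attribute as {@code id=value} to standard output.
   *
   * @throws Exception if the connection or the search fails
   */
  public void testSearch() throws Exception {
    LdapContext ctx = connetLDAP();
    try {
      String uid = "zhangsan";
      // The uid is passed as a filter argument ({0}) instead of being concatenated into
      // the filter, so the provider escapes filter metacharacters such as '*', '(' and ')'.
      String filter = "(&(objectClass=top)(objectClass=organizationalPerson)(uid={0}))";

      // Attributes to return. Requesting userPassword brings credential material to the
      // client, and the loop below writes every returned attribute to stdout; drop it
      // from this list unless the caller really needs it.
      String[] attrPersonArray = { "uid", "userPassword", "displayName", "cn", "sn", "mail", "description" };

      SearchControls searchControls = new SearchControls();
      searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
      searchControls.setReturningAttributes(attrPersonArray);

      // Arguments: search base, filter expression, filter arguments, search controls.
      // The original assigned the result to a raw NamingEnumeration, so next() returned
      // Object and the assignment to SearchResult did not compile.
      NamingEnumeration<SearchResult> answer =
          ctx.search("cn=users,dc=cas,dc=mydc", filter, new Object[] { uid }, searchControls);
      try {
        // Print what was found, one block per entry.
        while (answer.hasMore()) {
          SearchResult result = answer.next();
          // The original had a full-width period here, which is a compile error.
          NamingEnumeration<? extends Attribute> attrs = result.getAttributes().getAll();
          while (attrs.hasMore()) {
            Attribute attr = attrs.next();
            // get() yields a single value of the attribute, not all of them.
            System.out.println(attr.getID() + "=" + attr.get());
          }
          System.out.println("============");
        }
      } finally {
        answer.close();
      }
    } finally {
      // Release the connection even when the search fails; the original never closed it.
      ctx.close();
    }
  }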