java操作ldap
使用jndi连接ldap数据库,操作ldap条目
1,连接ldap数据库:
public DirContext createDirContext(String ip,int port,String bindDn,String password){ Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://" + ip + ":" + port); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, bindDn); env.put(Context.SECURITY_CREDENTIALS, password); DirContext ctx = null; try{ ctx = new InitialDirContext(env); }catch(new InitialDirContext(env);){ e.printStackTrace(); } return ctx; }
能否成功创建DirContext对象可以用来测试绑定用户密码是否正确,在进行ldap登陆测试时使用。
2,创建条目
public void addItem(String ip,int port,String bindDN, String password, String itemDn, HashMap<String, ArrayList<String>> attrValueMap) throws NamingException { Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://" + ip + ":" + port); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, bindDN); env.put(Context.SECURITY_CREDENTIALS, password);
DirContext ctx = null; try { ctx = new InitialDirContext(env); BasicAttributes entry = new BasicAttributes(true); Iterator<String> defaultAttrValueMapKeyIt = attrValueMap.keySet().iterator(); while (defaultAttrValueMapKeyIt.hasNext()) { String attr = defaultAttrValueMapKeyIt.next(); ArrayList<String> valueList = attrValueMap.get(attr); if (1 == valueList.size()) { entry.put(attr, valueList.get(0)); } else { Attribute attribute = new BasicAttribute(attr); for (String value : valueList) { attribute.add(value); } entry.put(attribute); } } ctx.createSubcontext(itemDn, entry);
} catch (NamingException e){
throw e;
}finally{
ctx.close();
}
}
attrValueMap保存条目的所有属性信息,添加条目的属性要根据其对应的objectClass的必填属性填写,不能将必填属性设为空值,否则添加时会抛出异常,错误代码65。
3,修改条目
public void updateUser(String ip,int port,String bindDN, String password, String itemDn, HashMap<String, ModifyAttribute> modifyAttrMap) throws NamingException { Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://" + ip + ":" + port); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, bindDn); env.put(Context.SECURITY_CREDENTIALS, password); DirContext ctx = null; try { ctx = new InitialDirContext(env); ModificationItem[] modificationItems = new ModificationItem[modifyAttrMap.size()]; int i = 0; Iterator<String> it = modifyAttrMap.keySet().iterator(); while (it.hasNext()) { ModifyAttribute ma = modifyAttrMap.get(it.next()); modificationItems[i++] = new ModificationItem(ma.getType(), new BasicAttribute(ma.getAttr(), ma.getValue())); } ctx.modifyAttributes(itemDn, modificationItems); } catch (NamingException e) { throw e; }finally{
ctx.close();
}
}
4,删除条目
public void deleteUser(String ip,int port,String bindDn, String password, String itemDn) throws NamingException { if (null != itemDn && !itemDn.equals("")) { Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://" + ip + ":" + port); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, bindDn); env.put(Context.SECURITY_CREDENTIALS, password); DirContext ctx = null; try { ctx = new InitialDirContext(env); ctx.destroySubcontext(itemDn); } catch (NamingException e) { throw e; }finally{
ctx.close();
}
}
}
