9

I am building an application based on GXT (J2EE). Now the problem is that I have to connect the application to an LDAP server. Can you tell me how to connect to an LDAP server from our Java application and what library or API I will have to use for that?

3 Answers

12

To connect to LDAP, check out the following packages/classes:

javax.naming.directory.*
javax.naming.ldap.*
com.sun.jndi.ldap.LdapCtxFactory
com.sun.jndi.ldap.ControlFactory

Example code:

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.directory.*;
import javax.naming.ldap.LdapContext;

// build a hashtable containing all the necessary configuration parameters
Hashtable<String, String> environment = new Hashtable<String, String>();

environment.put(LdapContext.CONTROL_FACTORIES, conf.getProperty("ldap.factories.control"));
environment.put(Context.INITIAL_CONTEXT_FACTORY, conf.getProperty("ldap.factories.initctx"));
environment.put(Context.PROVIDER_URL, conf.getProperty("ldap.host"));
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
environment.put(Context.SECURITY_PRINCIPAL, conf.getProperty("ldap.user"));
environment.put(Context.SECURITY_CREDENTIALS, conf.getProperty("ldap.password"));
environment.put(Context.STATE_FACTORIES, "PersonStateFactory");
environment.put(Context.OBJECT_FACTORIES, "PersonObjectFactory");

// connect to LDAP
DirContext ctx = new InitialDirContext(environment);

// Specify the search filter; {0} is filled from filterArgs, which JNDI escapes,
// so characters in the username cannot change the structure of the filter
String FILTER = "(&(objectClass=Person)(sAMAccountName={0}))";
Object[] filterArgs = { user.getUsername() };

// limit returned attributes to those we care about
String[] attrIDs = { "sn", "givenName" };

SearchControls ctls = new SearchControls();
ctls.setReturningAttributes(attrIDs);
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);

// Search for objects using filter, filter arguments and controls
NamingEnumeration<SearchResult> answer = ctx.search(searchBase, FILTER, filterArgs, ctls);

...

SearchResult sr = answer.next();
Attributes attrs = sr.getAttributes();
// Attribute.toString() returns "name: value"; get() returns the value itself
surName = attrs.get("sn").get().toString();
givenName = attrs.get("givenName").get().toString();
...

In this example I have a Configuration object that reads these values from a config file.

The values would be:

# LDAP parameters
ldap.host = ldap://ldap.mydomain.com:389
ldap.factories.initctx = com.sun.jndi.ldap.LdapCtxFactory
ldap.factories.control = com.sun.jndi.ldap.ControlFactory
ldap.searchbase = dc=mydomain,dc=us
ldap.user = MYDOMAIN.COM\\ldap-user
ldap.userBase= MYDOMAIN.COM\\
ldap.password = ******

7 Comments

In my case I don't want to specify any search filter for the connection. Actually, I want to establish the connection at the startup of the application and retrieve information whenever we need it from any part of the application. Now, will I need a different connection each time we try to connect to the LDAP server, or what? Again, is the search filter compulsory for a connection?
How can we check whether the connection to an LDAP server is successfully done or not?
dhiraj: you don't need the search filter to get the connection (i.e. the context). Depending on the frequency of access to the LDAP, I would either keep the connection alive and reuse it (and re-open it if it fails, as it could be closed unexpectedly), or get a new connection each time (closing it after each time also). Personally I would favor the second (more robust IMHO).
Dhiraj: the context (i.e. the ctx variable) is the connection. It checks the elements it's given in the environment (notably user and password), and will fail if it's not valid.
Thanks a lot for your valuable answers.
7
  • Connection to an LDAP server is made using the JNDI (Java Naming and Directory Interface) APIs in Java.
  • The JNDI interfaces, classes and exceptions are available in the following packages, which come with the JDK:

    • javax.naming.*
    • javax.naming.directory.*
  • That means we don't have to use any external libraries for working with LDAP servers, in most cases.

  • The URL of an LDAP server consists of the hostname on which the LDAP server is running and the port number. The well-known port number of the Lightweight Directory Access Protocol is 389, which is the default.

  • We also need to specify some environment properties for the connection and authentication in a Hashtable object.

Here is the sample code:

import java.util.Hashtable;
import javax.naming.*;
import javax.naming.ldap.*;
import javax.naming.directory.*;

public class Ldap
{
    public static void main(String[]args)
    {
        Hashtable<String, String> environment = new Hashtable<String, String>();

        environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        environment.put(Context.PROVIDER_URL, "ldap://<hostname>:389");
        environment.put(Context.SECURITY_AUTHENTICATION, "simple");
        environment.put(Context.SECURITY_PRINCIPAL, "<Login DN>");
        environment.put(Context.SECURITY_CREDENTIALS, "<password>");

        try 
        {
            DirContext context = new InitialDirContext(environment);
            System.out.println("Connected..");
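            // print only the server URL: the full environment also contains the password
            System.out.println(context.getEnvironment().get(Context.PROVIDER_URL));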
            context.close();
        } 
        catch (AuthenticationNotSupportedException exception) 
        {
            System.out.println("The authentication is not supported by the server");
        }

        catch (AuthenticationException exception)
        {
            System.out.println("Incorrect password or username");
        }

        catch (NamingException exception)
        {
            System.out.println("Error when trying to create the context");
        }
    }
}
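
The comments under the first answer ask how to check that a connection succeeded and suggest opening a fresh connection for each use; the helper below follows that pattern with the same JNDI environment as the sample code above. It is an added example, not part of either answer, and it assumes an `ldaps://` endpoint, a placeholder host `ldap.example.test`, a constructed bind DN and hypothetical class and method names.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

// Added example: bind-per-request check with TLS, timeouts and an empty-password guard.
public class LdapBind {

    static Hashtable<String, Object> buildEnvironment(String url, String bindDn, char[] password) {
        // With "simple" authentication, JNDI turns an empty password into an anonymous
        // bind (mechanism "none"), so the bind can succeed without any credential check.
        if (bindDn == null || bindDn.isEmpty() || password == null || password.length == 0) {
            throw new IllegalArgumentException("bind DN and password must be non-empty");
        }
        // A simple bind sends the password as-is, so only allow it over TLS.
        if (!url.toLowerCase().startsWith("ldaps://")) {
            throw new IllegalArgumentException("simple bind requires an ldaps:// URL");
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // milliseconds
        env.put("com.sun.jndi.ldap.read.timeout", "5000");    // milliseconds
        return env;
    }

    /** Opens a context, which performs the bind, and always closes it again. */
    static boolean canBind(String url, String bindDn, char[] password) throws NamingException {
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(buildEnvironment(url, bindDn, password));
            return true;
        } catch (AuthenticationException e) {
            return false; // the server rejected the DN or password
        } finally {
            if (ctx != null) ctx.close();
        }
    }

    public static void main(String[] args) throws NamingException {
        // Constructed inputs; the placeholder host is never contacted in this run.
        try {
            canBind("ldaps://ldap.example.test:636", "cn=app,dc=example,dc=test", new char[0]);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected before any network call: " + e.getMessage());
        }
    }
}
```

Other `NamingException`s (host unreachable, TLS failure, timeout) propagate to the caller, so an unavailable directory is not mistaken for a wrong password.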


-1

You can even use the Netscape LDAP SDK, which is currently not active but gives more control in LDAP programming.

1 Comment

I have used it but I have faced problems with it; check this: stackoverflow.com/questions/74079587/…. I am also looking for alternatives.
