Problem

Our J2EE applications are currently accessing the Domino LDAP Server for authentication via the LDAPAuthentication class, which was developed in-house. This LDAPAuthentication class uses the JNDI API to search the Domino LDAP Server. We are, however, not able to use this same LDAPAuthentication class to search Active Directory. This is because the JNDI API is not supported by Active Directory. Is there an alternative Java API (supported by Active Directory) that we can use to customize our LDAPAuthentication class? This would allow us to access Active Directory for authentication.

Solution

Active Directory supports the LDAP protocol, so you can access it from Java by using the standard Java JNDI APIs. The LDAP server does not have to support the JNDI APIs, just the LDAP protocol. If you are having problems, it is most likely a configuration problem in how you are attempting to access Active Directory. I have included a simple test case program to authenticate a distinguished name to an LDAP server. Make sure your LDAPAuthentication class looks basically like this. In general, you should not have to treat Active Directory any differently than any other LDAP server.

    import java.util.Properties;
    import javax.naming.*;
    import javax.naming.directory.*;

    // Include the JNDI in the classpath. You should use the same JDK used by WebSphere Application Server.
    class wasLdapAuth
    {
        public static void main(String[] args)
        {
            //***************** user information to be authenticated ********************************
            //***************** Please modify the following three properties accordingly ************
            String ldapHost = "ldap://cliang1.austin.ibm.com:389"; // ldap host + port number
            String DN = "cn=user1, ou=Austin,o=ibm,c=us";          // DN to be authenticated
            String password = "security";                          // DN's password
            //***************** End of user information

            Properties props = new Properties();
            props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); // for WebSphere 4.0 and 5.0
            //props.put(Context.INITIAL_CONTEXT_FACTORY, "com.ibm.jndi.LDAPCtxFactory");    // for WebSphere 3.5 release
            props.put(Context.SECURITY_AUTHENTICATION, "simple"); // use simple authentication mechanism
            props.put(Context.SECURITY_CREDENTIALS, password);
            props.put(Context.SECURITY_PRINCIPAL, DN);
            props.put(Context.PROVIDER_URL, ldapHost);

            long start = System.currentTimeMillis();
            long end = 0;
            long time = 0;
            try
            {
                System.out.println("authenticating");
                // Creating the context performs the LDAP bind; it throws if the bind fails.
                DirContext ctx = new InitialDirContext(props);
                System.out.println("authenticated");
                end = System.currentTimeMillis();
                time = end - start;
                System.out.println("authentication takes = " + time + " millis");
                System.out.println("successfully authenticate DN: " + DN);
                ctx.close(); // release the LDAP connection
            }
            catch (Exception ex)
            {
                end = System.currentTimeMillis();
                time = end - start;
                System.out.println("Exception is " + ex.toString());
                ex.printStackTrace();
                System.out.println("authentication takes = " + time + " millis");
                System.out.println("fail to authenticate DN: " + DN);
            }
        }
    }
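
The test case treats any bind that does not throw as a successful login. The following is an added example, not IBM's code: a hardened variant of the same bind check that refuses an empty password (a simple bind with a DN and a zero-length password is an unauthenticated bind under RFC 4513, and servers that allow it report success), refuses a non-TLS URL, sets timeouts, and separates bad credentials from directory errors. The class name LdapBindCheck, the host ldap.example.com, the timeout values and the use of a current JDK are assumptions.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapBindCheck {
    enum Result { AUTHENTICATED, BAD_CREDENTIALS, REJECTED_INPUT, DIRECTORY_ERROR }

    static Result bind(String url, String dn, String password) {
        // A simple bind with a DN and a zero-length password is an
        // "unauthenticated bind" (RFC 4513); servers that allow it return
        // success, so empty input must never reach the directory.
        if (dn == null || dn.trim().isEmpty() || password == null || password.isEmpty()) {
            return Result.REJECTED_INPUT;
        }
        // Simple bind sends the password as-is; refuse a cleartext transport.
        if (url == null || !url.regionMatches(true, 0, "ldaps://", 0, 8)) {
            return Result.REJECTED_INPUT;
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // ms, assumed value
        env.put("com.sun.jndi.ldap.read.timeout", "5000");    // ms, assumed value
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env); // performs the bind
            return Result.AUTHENTICATED;
        } catch (AuthenticationException e) {
            return Result.BAD_CREDENTIALS;    // LDAP result code 49 (invalidCredentials)
        } catch (NamingException e) {
            return Result.DIRECTORY_ERROR;    // unreachable host, TLS failure, timeout
        } finally {
            if (ctx != null) try { ctx.close(); } catch (NamingException ignored) { }
        }
    }
    public static void main(String[] args) {
        String url = "ldaps://ldap.example.com:636";  // placeholder host (assumption)
        String dn = "cn=user1, ou=Austin,o=ibm,c=us"; // DN from the test case above
        System.out.println(bind(url, dn, ""));        // empty password never reaches the server
        System.out.println(bind(url, dn, args.length > 0 ? args[0] : "security"));
    }
}
```

Callers should grant access only on AUTHENTICATED and treat DIRECTORY_ERROR as a failed login rather than falling back to another path.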

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Administrative Console (all non-scripting)
Operating system(s): Multi-Platform
Software version: 3.5, 4.0, 5.0, 5.1, 6.0
Software edition: Edition Independent
Reference #: 1083788
IBM Group: Software Group
Modified date: 2003-02-06
(C) Copyright IBM Corporation 2000, 2004. All Rights Reserved.