We can specify the authentication information in the environment properties passed to the initial context. JNDI provides the following properties to specify authentication information.
| Property | Description |
|---|---|
| Context.SECURITY_AUTHENTICATION | Specifies the authentication mechanism to use. LDAP v3 supports three kinds of authentication mechanisms: anonymous, simple, and SASL authentication. The value can be one of the following strings: "none", "simple", or sasl_mech, where sasl_mech is a space-separated list of SASL mechanism names. |
| Context.SECURITY_PRINCIPAL | Specifies the name of the user/program doing the authentication and depends on the value of the Context.SECURITY_AUTHENTICATION property. |
| Context.SECURITY_CREDENTIALS | Specifies the credentials of the user/program doing the authentication and depends on the value of the Context.SECURITY_AUTHENTICATION property. |
First, let me add a userPassword attribute to the user "Krishna".
Select the user "Krishna", right-click -> New Attribute.
Set the attribute type to "userPassword" and press Finish.
This opens the Password Editor, which prompts for the password and its confirmation. You can store the password hashed by choosing any algorithm available in the "Select Hash Method" dropdown. I am using the SHA-256 algorithm.
I gave "password123" as the password for the person Krishna.
import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class Test {
    private static final String CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    private static final String PROVIDER_URL = "ldap://localhost:10389";
    private static final String SECURITY_AUTHENTICATION = "simple";

    public static void main(String[] args) throws NamingException {
        // Environment properties handed to the LDAP service provider
        Hashtable<String, String> env = new Hashtable<String, String>(11);
        env.put(Context.INITIAL_CONTEXT_FACTORY, CONTEXT_FACTORY);
        env.put(Context.PROVIDER_URL, PROVIDER_URL);

        // Simple authentication: bind with a DN and a clear-text password
        env.put(Context.SECURITY_AUTHENTICATION, SECURITY_AUTHENTICATION);
        env.put(Context.SECURITY_PRINCIPAL, "cn=Krishna,ou=people,dc=example,dc=com");
        env.put(Context.SECURITY_CREDENTIALS, "password123");

        try {
            // Creating the initial context performs the LDAP bind
            DirContext ctx = new InitialDirContext(env);
            System.out.println("Authentication Successful");
            ctx.close();
        } catch (NamingException e) {
            System.out.println("Authentication Failed");
            e.printStackTrace();
        }
    }
}
Output
Authentication Successful
Now change the following statement
env.put(Context.SECURITY_CREDENTIALS, "password123");
to (I updated it with a wrong password)
env.put(Context.SECURITY_CREDENTIALS, "abcd");
Rerun Test.java; you will get output like the following.
Authentication Failed
javax.naming.AuthenticationException: [LDAP: error code 49 - INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user cn=Krishna,ou=people,dc=example,dc=com]
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3135)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
    at javax.naming.InitialContext.init(InitialContext.java:244)
    at javax.naming.InitialContext.<init>(InitialContext.java:216)
    at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101)
    at jndi_tutorial.Test.main(Test.java:26)
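The simple bind above sends the password in clear text over ldap://, reports every NamingException as a failed login, and would turn an empty password into an unauthenticated bind. The following added example (not code from the original post) wraps the same bind in a helper that closes those three gaps. The class name SafeBind, the Result enum and the ldaps://localhost:10636 endpoint are assumptions, and the JVM must trust the server's certificate.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class SafeBind {
    // Assumed LDAPS endpoint; the page's server listens on ldap://localhost:10389.
    private static final String PROVIDER_URL = "ldaps://localhost:10636";

    enum Result { AUTHENTICATED, BAD_CREDENTIALS, REJECTED_INPUT, DIRECTORY_ERROR }

    static Result bind(String userDn, char[] password) {
        // With an empty DN or password a "simple" bind is unauthenticated
        // (RFC 4513 section 5.1.2); a server that permits it reports success.
        if (userDn == null || userDn.isEmpty() || password == null || password.length == 0) {
            return Result.REJECTED_INPUT;
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, PROVIDER_URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDn);
        env.put(Context.SECURITY_CREDENTIALS, password); // char[] is accepted
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // milliseconds
        env.put("com.sun.jndi.ldap.read.timeout", "5000");
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env); // the bind happens here
            return Result.AUTHENTICATED;
        } catch (AuthenticationException e) {
            return Result.BAD_CREDENTIALS; // LDAP error code 49, as in the trace above
        } catch (NamingException e) {
            return Result.DIRECTORY_ERROR; // server down, TLS failure, timeout, ...
        } finally {
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }

    public static void main(String[] args) {
        String dn = "cn=Krishna,ou=people,dc=example,dc=com";
        System.out.println(bind(dn, "password123".toCharArray()));
        System.out.println(bind(dn, new char[0])); // REJECTED_INPUT, no bind attempted
    }
}
```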