java调用AD域验证用户,搜索用户信息

原创
2016/09/08 12:01
阅读数 2.5K

如下是代码

package com.pansoft.oa.untils;

import java.util.Enumeration;
import java.util.Hashtable;

import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public class ADUtils {

	/**
	 * 使用AD域校验用户密码
	 * */
    public static Boolean validateUserByAD(String username , String password){
    	Boolean result = false;
    	DirContext ctx=null;
        Hashtable<String,String> HashEnv = new Hashtable<String,String>();
        HashEnv.put(Context.SECURITY_AUTHENTICATION, "simple"); // LDAP访问安全级别(none,simple,strong)
        HashEnv.put(Context.SECURITY_PRINCIPAL, "sinopec\\"+username); //AD的用户名
        HashEnv.put(Context.SECURITY_CREDENTIALS, password); //AD的密码
        HashEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); // LDAP工厂类
        HashEnv.put("com.sun.jndi.ldap.connect.timeout", "3000");//连接超时设置为3秒
        HashEnv.put(Context.PROVIDER_URL, "LDAP://10.116.20.12");// 默认端口389
        try {
            ctx = new InitialDirContext(HashEnv);// 初始化上下文
            System.out.println("身份验证成功!");
        } catch (AuthenticationException e) {
            System.out.println("身份验证失败!");
            e.printStackTrace();
        } catch (javax.naming.CommunicationException e) {
            System.out.println("AD域连接失败!");
            e.printStackTrace();
        } catch (Exception e) {
            System.out.println("身份验证未知异常!");
            e.printStackTrace();
        } finally{
            if(null!=ctx){
                try {
                    ctx.close();
                    ctx=null;
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        }
    	return result;
    }
    
    /**
     * 获取域下所有用户
     * */
    public void getAllUserFromAD(){
    	
    }
    
    
    public void GetADInfo() {  
    	  String userName = "xxxx"; // 用户名称  
    	  String passwd = "xxx";  
    	  String host = "192.168.100.14"; // AD服务器  
    	  String port = "389"; // 端口  
    	  String domain = "@xxx.com"; // 邮箱的后缀名  
    	  String url = new String("ldap://" + host + ":" + port);  
    	  String user = userName.indexOf(domain) > 0 ? userName : userName  
    	    + domain;  
    	  Hashtable HashEnv = new Hashtable();  
    	  // String adminName ="CN=oyxiaoyuanxy,CN=Users,DC=Hebmc,DC=com";//AD的用户名  
    	  String adminName = "xueqiang"; // 注意用户名的写法:domain\User 或  User@domain.com  
    	  String adminPassword = "123456"; // 密码  
    	  HashEnv.put(Context.SECURITY_AUTHENTICATION, "simple"); // LDAP访问安全级别  
    	  HashEnv.put(Context.SECURITY_PRINCIPAL, adminName); // AD User  
    	  HashEnv.put(Context.SECURITY_CREDENTIALS, adminPassword); // AD Password  
    	  HashEnv.put(Context.INITIAL_CONTEXT_FACTORY,  
    	    "com.sun.jndi.ldap.LdapCtxFactory"); // LDAP工厂类  
    	  HashEnv.put(Context.PROVIDER_URL, url);  
    	  try {  
    	   LdapContext ctx = new InitialLdapContext(HashEnv, null);  
    	   // 域节点  
    	   String searchBase = "DC=wanda-dev,DC=cn";  
    	   // LDAP搜索过滤器类  
    	   String searchFilter = "objectClass=User";  
    	   // 搜索控制器  
    	   SearchControls searchCtls = new SearchControls(); // Create the  
    	   // search  
    	   // controls  
    	   // 创建搜索控制器  
    	   searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); // Specify  
    	   // the  
    	   // search  
    	   // scope  
    	   // 设置搜索范围  
    	   // searchCtls.setSearchScope(SearchControls.OBJECT_SCOPE); //  
    	   // Specify the search scope 设置搜索范围  
    	   String returnedAtts[] = { "memberOf", "distinguishedName",  
    	     "Pwd-Last-Set", "User-Password", "cn" };// 定制返回属性  
    	   // String returnedAtts[] = { "url", "whenChanged", "employeeID",  
    	   // "name", "userPrincipalName", "physicalDeliveryOfficeName",  
    	   // "departmentNumber", "telephoneNumber", "homePhone",  
    	   // "mobile", "department", "sAMAccountName", "whenChanged",  
    	   // "mail" }; // 定制返回属性  
    	   searchCtls.setReturningAttributes(returnedAtts); // 设置返回属性集  
    	   // 根据设置的域节点、过滤器类和搜索控制器搜索LDAP得到结果  
    	   NamingEnumeration answer = ctx.search(searchBase, searchFilter,  
    	     searchCtls);// Search for objects using the filter  
    	   // 初始化搜索结果数为0  
    	   int totalResults = 0;// Specify the attributes to return  
    	   int rows = 0;  
    	   while (answer.hasMoreElements()) {// 遍历结果集  
    	    SearchResult sr = (SearchResult) answer.next();// 得到符合搜索条件的DN  
    	    System.out.println(++rows  
    	      + "************************************************");  
    	    System.out.println(sr.getName());  
    	    Attributes Attrs = sr.getAttributes();// 得到符合条件的属性集  
    	    if (Attrs != null) {  
    	     try {  
    	      for (NamingEnumeration ne = Attrs.getAll(); ne  
    	        .hasMore();) {  
    	       Attribute Attr = (Attribute) ne.next();// 得到下一个属性  
    	       System.out.println(" AttributeID=属性名:"  
    	         + Attr.getID().toString());  
    	       // 读取属性值  
    	       for (NamingEnumeration e = Attr.getAll(); e  
    	         .hasMore(); totalResults++) {  
    	        System.out.println("    AttributeValues=属性值:"  
    	          + e.next().toString());  
    	       }  
    	       System.out.println("    ---------------");  
    	       // 读取属性值  
    	       // Enumeration values = Attr.getAll();  
    	       // if (values != null) { // 迭代  
    	       // while (values.hasMoreElements()) {  
    	       // System.out.println("    AttributeValues=属性值:"+  
    	       // values.nextElement());  
    	       // }  
    	       // }  
    	       // System.out.println("    ---------------");  
    	      }  
    	     } catch (NamingException e) {  
    	      System.err.println("Throw Exception : " + e);  
    	     }  
    	    }  
    	   }  
    	   System.out  
    	     .println("************************************************");  
    	   System.out.println("Number: " + totalResults);  
    	   ctx.close();  
    	  } catch (NamingException e) {  
    	   e.printStackTrace();  
    	   System.err.println("Throw Exception : " + e);  
    	  }  
    	 }  
    	/* public static void main(String args[]) {  
    	  // 实例化  
    	  ADOperTest ad = new ADOperTest();  
    	  ad.GetADInfo();  
    	 }*/  
    	   
    	 public static void main(String args[]) {  
    	        Hashtable HashEnv = new Hashtable();  
    	  
    	        String LDAP_URL = "ldap://xxx.com:389"; //LDAP访问地址  
    	        String adminName = "xxx@xxx.com"; //注意用户名的写法:domain\User 或 User@domain.com  
    	        String adminPassword = "xxxx"; //密码  
    	  
    	        HashEnv.put(Context.SECURITY_AUTHENTICATION, "simple"); //LDAP访问安全级别  
    	        HashEnv.put(Context.SECURITY_PRINCIPAL, adminName); //AD User  
    	        HashEnv.put(Context.SECURITY_CREDENTIALS, adminPassword); //AD Password  
    	        HashEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); //LDAP工厂类  
    	        HashEnv.put(Context.PROVIDER_URL, LDAP_URL);  
    	  
    	        try {  
    	          LdapContext ctx = new InitialLdapContext(HashEnv, null);  
    	          SearchControls searchCtls = new SearchControls(); //Create the search controls  
    	          searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); //Specify the search scope  
    	  
    	          String searchFilter = "objectClass=User"; //specify the LDAP search filter  
    	          
    	          String searchBase = "DC=xxx,DC=com"; //Specify the Base for the search//搜索域节点  
    	          int totalResults = 0;  
    	  
    	               String returnedAtts[] = {  
    	              "url", "whenChanged", "employeeID", "name", "userPrincipalName",  
    	              "physicalDeliveryOfficeName", "departmentNumber", "telephoneNumber",  
    	              "homePhone", "mobile", "department", "sAMAccountName", "whenChanged",  
    	              "mail"}; //定制返回属性  
    	  
    	          searchCtls.setReturningAttributes(returnedAtts); //设置返回属性集  
    	  
    	          //Search for objects using the filter  
    	          NamingEnumeration answer = ctx.search(searchBase, searchFilter,searchCtls);  
    	            
    	          if(answer==null||answer.equals(null)){  
    	              System.out.println("answer is null");  
    	          }else{  
    	              System.out.println("answer not null");  
    	          }  
    	            
    	          System.out.println(answer.hasMoreElements());  
    	            
    	          while (answer.hasMoreElements()) {  
    	            SearchResult sr = (SearchResult) answer.next();  
    	            System.out.println("************************************************");  
    	            System.out.println(sr.getName());  
    	  
    	            Attributes Attrs = sr.getAttributes();  
    	            if (Attrs != null) {  
    	              try {  
    	                for (NamingEnumeration ne = Attrs.getAll(); ne.hasMore(); ) {  
    	                  Attribute Attr = (Attribute) ne.next();  
    	  
    	                  System.out.println(" AttributeID=" + Attr.getID().toString());  
    	  
    	                  //读取属性值  
    	                  for (NamingEnumeration e = Attr.getAll(); e.hasMore();totalResults++) {  
    	                    System.out.println("    AttributeValues=" + e.next().toString());  
    	                  }  
    	                  System.out.println("    ---------------");  
    	  
    	                  //读取属性值  
    	                  Enumeration values = Attr.getAll();  
    	                  if (values != null) { // 迭代  
    	                    while (values.hasMoreElements()) {  
    	                      System.out.println("    AttributeValues=" + values.nextElement());  
    	                    }  
    	                  }  
    	                  System.out.println("    ---------------");  
    	                }  
    	              }  
    	              catch (NamingException e) {  
    	                System.err.println("Throw Exception : " + e);  
    	              }  
    	            }  
    	          }  
    	          System.out.println("Number: " + totalResults);  
    	          ctx.close();  
    	        }  
    	  
    	        catch (NamingException e) {  
    	          e.printStackTrace();  
    	          System.err.println("Throw Exception : " + e);  
    	        }  
    	    }  
}

主要是这个validateUserByAD方法

其他的并没有验证

 

展开阅读全文
打赏
1
0 收藏
分享
加载中
更多评论
打赏
0 评论
0 收藏
1
分享
返回顶部
顶部