Validate userPassword
Hi,
for my web application I have to validate the user login (username and userPassword). The user-object is stored in the MS Active Directory. Now I want to use LDAP with the JNDI to compare the login values. In ADS it is not possible to read the entry of the attribute “userPassword”. How can I compare the password of the user login with the one stored in the directory?
Can anybody please help me?
Thanks
[432 byte] By [evelinea] at [2007-11-27 8:53:47]

# 1
If you have the user name and password, you can validate it against AD.
If you try to get the InitialContext, it will tell you whether the user is valid or invalid with the AuthenticationException. Below is the code:
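    import java.util.Hashtable;
    import javax.naming.AuthenticationException;
    import javax.naming.Context;
    import javax.naming.NamingException;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;

    public class ValidateUser {
        public static void main(String[] args) throws NamingException {
            Hashtable<String, String> env = new Hashtable<String, String>(11);
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.PROVIDER_URL, "ldap://" + "Ipaddress" + ":" + 389);
            env.put(Context.SECURITY_PRINCIPAL, "userName");
            env.put(Context.SECURITY_CREDENTIALS, "password");
            DirContext ctx = null;
            try {
                // The bind happens here; bad credentials raise AuthenticationException
                ctx = new InitialDirContext(env);
            } catch (AuthenticationException e) {
                System.out.println("exception" + e);
                e.printStackTrace();
                System.exit(0);
            } finally {
                if (ctx != null) ctx.close();
            }
        }
    }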
# 2
Thanks for your help, but this is not exactly what I want to do.
To get the connection to the ADS I have a system user. Every connection is made with the same user data (for example username= systemuser, password = testpassword).
I made a connection by getting an instance of the InitialDirContext and set the configuration parameters as follows:
    // Environment for the system user's connection
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://" + "Ipaddress" + ":" + 389);
    env.put(Context.SECURITY_PRINCIPAL, "systemuser");
    env.put(Context.SECURITY_CREDENTIALS, "testpassword");
    DirContext ctx = new InitialDirContext(env);
Now I have a connection to the ADS. I want to compare the userdata (username and password) for the user “Max Müller” or the user “Petra Maier”.
I don't know how to compare given userPasswords with the ones stored in the directory.
Isn't there a compare-method for LDAP?
Thanks,
# 3
While LDAP does allow compare operations to be performed, Active Directory does not allow you to read the password attribute, therefore you cannot directly compare a password input with the value stored in the user's Active Directory password attribute.
Instead, have a look at the post titled "JNDI, Active Directory and Authentication (part 5, LDAP Fastbinds)" at http://forum.java.sun.com/thread.jspa?threadID=726601&tstart=0
It is designed to do exactly what you want, that is, to verify a user's credentials.
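
A search-then-bind check for the setup described in this thread, as an added example (not code from any poster, and not the Fastbind code from the linked post): it binds as the system user, looks up the login's DN, then binds as that DN to test the password. The host name, base DN, `sAMAccountName` filter and the use of LDAPS on port 636 are assumptions; `systemuser`/`testpassword` are the sample values from post #2.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class AdLoginCheck {
    // Assumed placeholders. LDAPS is used because a simple bind sends the password as-is.
    static final String URL = "ldaps://dc.example.com:636";
    // Searching an OU rather than the domain root avoids referral results from AD.
    static final String BASE_DN = "OU=Staff,DC=example,DC=com";

    static DirContext bind(String principal, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env);
    }

    static boolean isValidLogin(String username, String password) throws NamingException {
        // A simple bind with an empty password is an unauthenticated bind and can
        // succeed without proving anything, so reject it before talking to the server.
        if (username == null || username.isEmpty()) return false;
        if (password == null || password.isEmpty()) return false;

        String userDn;
        DirContext svc = bind("systemuser", "testpassword"); // sample values from the thread
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // {0} is escaped by JNDI, so the typed user name cannot change the filter.
            NamingEnumeration<SearchResult> r = svc.search(BASE_DN,
                    "(&(objectClass=user)(sAMAccountName={0}))", new Object[] { username }, sc);
            if (!r.hasMore()) return false;          // unknown user
            userDn = r.next().getNameInNamespace();
            if (r.hasMore()) return false;           // ambiguous match: refuse
        } finally {
            svc.close();
        }
        try {
            bind(userDn, password).close();          // the second bind tests the password
            return true;
        } catch (AuthenticationException e) {
            return false;                            // wrong password, locked or disabled account
        }
    }
}
```

Other `NamingException`s (server unreachable, TLS trust failure) propagate to the caller so that an outage is not reported as a wrong password.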