Hallo,
ich möchte eine LDAP-Authentifizierung starten. Hierzu habe ich eine Connection aufgebaut, indem ich mich mit einem Admin-User anmelde. Ich suche den Benutzer und versuche ihn anzumelden, bekomme aber eine Fehlermeldung angezeigt (siehe unten).
Suchen des Benutzers
Als Ergebnis bekomme ich: Found LDAP User: cn=anstwe010,ou=a
Anmelden des gefundenen Benutzers:
ich möchte eine LDAP-Authentifizierung starten. Hierzu habe ich eine Connection aufgebaut, indem ich mich mit einem Admin-User anmelde. Ich suche den Benutzer und versuche ihn anzumelden, bekomme aber eine Fehlermeldung angezeigt (siehe unten).
Suchen des Benutzers
Java:
package com.uds.webadmin.server;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
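public class CLdapAuthentication
{
    /**
     * Binds as the search account, looks up the entry whose {@code cn} equals
     * {@code user}, and passes the entry name plus {@code pass} to {@code authUser}
     * for the actual user bind.
     *
     * @param user login name supplied by the caller; treated as untrusted input
     * @param pass password to verify; a null or empty value is rejected before any bind
     * @return the {@code success} flag, which nothing in this method sets to
     *         {@code true} (see the NOTE(review) at the {@code authUser} call)
     */
    public Boolean ldapLogin( String user, String pass )
    {
        Boolean success = false;

        // A simple bind with a DN and an empty password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2). Servers commonly answer it with success, so blank
        // credentials are refused here before they can reach the directory.
        if ( user == null || user.isEmpty() || pass == null || pass.isEmpty() )
        {
            return success;
        }

        // Admin login for searching the user
        // NOTE(review): the search account's name and password are hard-coded in source;
        // they belong in protected configuration, and the account should only have the
        // read rights the lookup needs.
        String adminUser = "admin";
        String adminPassword = "admin";
        String base = "ou=extern,o=uni";
        String dn = "cn=" + adminUser + "," + base;
        // NOTE(review): ldap:// on port 389 with "simple" authentication sends the bind
        // password unencrypted; use ldaps:// or StartTLS if the server offers it.
        String ldapURL = "ldap://papaya.de:389";

        // Setup environment for authenticating
        Hashtable<String, String> environment = new Hashtable<String, String>();
        environment.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
        environment.put( Context.PROVIDER_URL, ldapURL );
        environment.put( Context.SECURITY_AUTHENTICATION, "simple" );
        environment.put( Context.SECURITY_PRINCIPAL, dn );
        environment.put( Context.SECURITY_CREDENTIALS, adminPassword );

        DirContext ctx = null;
        NamingEnumeration<SearchResult> results = null;
        try
        {
            // Create LDAP Context
            ctx = new InitialDirContext( environment );

            // Search the user who wants to login. The login name is passed as a filter
            // argument ({0}) instead of being concatenated into the filter string, so
            // characters such as '*', '(' and ')' are escaped by the provider and cannot
            // change the structure of the filter.
            String searchFilter = "(&(objectclass=inetorgperson)(cn={0}))";
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
            results = ctx.search( "ou=usr,o=uni", searchFilter, new Object[] { user }, searchControls );

            // No matching entry: fail closed instead of letting next() throw.
            if ( !results.hasMore() )
            {
                return success;
            }

            // Only the first match is used.
            SearchResult sr = results.next();
            // getName() is normally relative to the search base "ou=usr,o=uni";
            // authUser appends that base again when it builds the bind DN.
            String userDN = sr.getName();
            System.out.println( "Found LDAP User: " + userDN );

            // if user was found...the user will be bound
            if ( userDN != null )
            {
                // NOTE(review): authUser is declared void in the posted listing, so the
                // outcome of the user bind never reaches this method and success stays
                // false. It has to report the result before this method can return true.
                authUser( userDN, pass );
            }
        }
        catch ( AuthenticationException ex )
        {
            // Authentication failed
            ex.printStackTrace();
        }
        catch ( NamingException ex )
        {
            ex.printStackTrace();
        }
        finally
        {
            // Release the enumeration and the admin connection on every path,
            // including the early return and the exception paths.
            if ( results != null )
            {
                try
                {
                    results.close();
                }
                catch ( NamingException ignored )
                {
                    // best-effort cleanup
                }
            }
            if ( ctx != null )
            {
                try
                {
                    ctx.close();
                }
                catch ( NamingException ignored )
                {
                    // best-effort cleanup
                }
            }
        }
        return success;
    } // End of method
}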
Als Ergebnis bekomme ich: Found LDAP User: cn=anstwe010,ou=a
Anmelden des gefundenen Benutzers:
Java:
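/**
 * Attempts a simple bind as the given entry to check the supplied password.
 *
 * @param userName entry name relative to "ou=usr,o=uni"; that base is appended
 *                 here to form the bind DN
 * @param pass     password to verify; a null or empty value is refused without
 *                 contacting the server
 */
private void authUser(String userName, String pass)
{
    // A simple bind with a DN and an empty password is an "unauthenticated bind"
    // (RFC 4513, section 5.1.2). Servers commonly answer it with success, which
    // would look like a valid login, so it is never sent.
    if (pass == null || pass.isEmpty())
    {
        return;
    }

    String base = "ou=usr,o=uni";
    String dn = userName + "," + base;
    // NOTE(review): port 636 is conventionally the LDAPS port, but the scheme here
    // is ldap:// (no TLS), while the admin search uses port 389. Confirm which
    // endpoint is intended; with "simple" authentication the password is only
    // protected when the connection is encrypted (ldaps:// or StartTLS).
    String ldapURL = "ldap://papaya.de:636";

    // Setup environment for authenticating
    Hashtable<String, String> environment = new Hashtable<String, String>();
    environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    environment.put(Context.PROVIDER_URL, ldapURL);
    environment.put(Context.SECURITY_AUTHENTICATION, "simple");
    environment.put(Context.SECURITY_PRINCIPAL, dn);
    environment.put(Context.SECURITY_CREDENTIALS, pass);

    DirContext authContext = null;
    try
    {
        authContext = new InitialDirContext(environment);
        // Reaching this line means the server accepted the bind.
        // NOTE(review): the method is void, so the caller cannot tell a successful
        // bind from a failed one; the result has to be returned to be usable.
    }
    catch (AuthenticationException ex)
    {
        // Authentication failed
        ex.printStackTrace();
    }
    catch (NamingException ex)
    {
        ex.printStackTrace();
    }
    finally
    {
        // The context exists only to test the credentials; close it so each login
        // attempt does not leave a connection to the directory open.
        if (authContext != null)
        {
            try
            {
                authContext.close();
            }
            catch (NamingException ignored)
            {
                // best-effort cleanup
            }
        }
    }
}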
Java:
javax.naming.AuthenticationException: [LDAP: error code 49 - NDS error: failed authentication (-669)]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)
at javax.naming.InitialContext.init(InitialContext.java:242)
at javax.naming.InitialContext.<init>(InitialContext.java:216)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101)
at com.uds.webadmin.server.CLdapAuthentication.loginUser(CLdapAuthentication.java:97)
at com.uds.webadmin.server.CLdapAuthentication.checkLogin(CLdapAuthentication.java:56)
at com.uds.webadmin.server.CRestLogins.getUserData(CRestLogins.java:81)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:288)
at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1469)
at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1400)
at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1349)
at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1339)
at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)
at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:537)
at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:708)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:362)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:729)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.handler.RequestLogHandler.handle(RequestLogHandler.java:49)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:843)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:647)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)