LDAP example for searching and simple binding (authentication)
```java
/*
 * First create the keystore (to allow SSL protection) by importing the LDAP
 * certificate (cert.pem) with:
 *   keytool -import -keystore keystore -storepass changeit -noprompt -file cert.pem
 *
 * You can get the certificate with OpenSSL:
 *   openssl s_client -connect ldap.server.com:636 </dev/null 2>/dev/null | sed -n '/^-----BEGIN/,/^-----END/ { p }' > cert.pem
 * (s_client saves whatever certificate the server presents, so compare its
 * fingerprint with a trusted source before importing it.)
 *
 * Then compile this class with:
 *   javac LdapAuth.java
 *
 * Finally execute it with:
 *   java -Djavax.net.ssl.trustStore=keystore -Djavax.net.ssl.trustStorePassword=changeit LdapAuth <username> <password>
 */
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;

public class LdapAuth {
    private final static String ldapURI = "ldaps://ldap.server.com/dc=ldap,dc=server,dc=com";
    private final static String contextFactory = "com.sun.jndi.ldap.LdapCtxFactory";

    /* Anonymous context, used for the search */
    private static DirContext ldapContext() throws Exception {
        Hashtable<String, String> env = new Hashtable<String, String>();
        return ldapContext(env);
    }

    private static DirContext ldapContext(Hashtable<String, String> env) throws Exception {
        env.put(Context.INITIAL_CONTEXT_FACTORY, contextFactory);
        env.put(Context.PROVIDER_URL, ldapURI);
        DirContext ctx = new InitialDirContext(env);
        return ctx;
    }

    /* Look up the DN of the entry whose uid matches the given user name */
    private static String getUid(String user) throws Exception {
        DirContext ctx = ldapContext();
        try {
            /* {0} is replaced by the argument with the special filter
             * characters escaped, so the user name cannot alter the filter */
            String filter = "(uid={0})";
            SearchControls ctrl = new SearchControls();
            ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE);
            NamingEnumeration<SearchResult> answer =
                ctx.search("", filter, new Object[] { user }, ctrl);
            String dn = null;
            try {
                if (answer.hasMore()) {
                    dn = answer.next().getNameInNamespace();
                }
            }
            finally {
                answer.close();
            }
            return dn;
        }
        finally {
            ctx.close();
        }
    }

    /* Try a simple bind as the given DN; true only if the server accepts it */
    private static boolean testBind(String dn, String password) throws Exception {
        /* A simple bind with an empty password is treated as an anonymous
         * bind and can succeed, so it must never count as authentication */
        if (password == null || password.isEmpty()) {
            return false;
        }
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            /* The bind happens when the context is created; close it right away */
            ldapContext(env).close();
        }
        catch (javax.naming.AuthenticationException e) {
            return false;
        }
        return true;
    }

    public static void main(String args[]) throws Exception {
        if (args.length != 2) {
            System.out.println( "missing required username and password" );
            System.exit(1);
        }
        String user = args[0];
        String password = args[1];
        String dn = getUid( user );
        if (dn != null) {
            /* Found user - test password */
            if ( testBind( dn, password ) ) {
                System.out.println( "user '" + user + "' authentication succeeded" );
                System.exit(0);
            }
            else {
                System.out.println( "user '" + user + "' authentication failed" );
                System.exit(1);
            }
        }
        else {
            System.out.println( "user '" + user + "' not found" );
            System.exit(1);
        }
    }
}
```
@jjose122

commented Jan 20, 2016

Thanks for sharing. This helped me.

@kjguruprasad

commented Sep 3, 2016

Thank you for sharing this. Helped me a lot.

@surighanta

commented Sep 13, 2016

It did not work as is for us. I assume first we are trying for a search anonymously, which is not allowed in our environment. Avoiding the anonymous search worked for us. I shall paste the modified code if you want.

THANKS A LOT!!!

@KumarNavneet

commented Dec 2, 2016

Thanks for the write-up, but as @surighanta pointed out that anonymous search was not allowed in their environment, I too faced such an issue.
Can you help me find out which authentication protocols are supported by the server to which I am trying to bind? Is there a programmatic way to find that, so that I can query the user for the appropriate additional information?

Thanks,
-Navneet

@azedine--taha

commented Jan 2, 2017

Hello, I want to store a user in LDAP. I use the bind method, but when I search for the user in LDAP I find it, but serialisable.

@gncabrera

commented Jul 11, 2018

It worked great! Thanks for sharing!

@grendizer

commented Jul 17, 2018

Brilliant!
