使用jndi連接ldap數據庫,操作ldap條目
1,連接ldap數據庫:
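/**
 * Opens a connection to an LDAP server and performs a simple bind as {@code bindDn}.
 *
 * <p>A non-null result means the server accepted the bind, so callers can use this as a
 * credential check. Blank credentials are refused up front for that reason.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>The URL scheme is {@code ldap://}, so the bind DN and password cross the network in
 *       cleartext. Use this only on a trusted link; an {@code ldaps://} or StartTLS variant
 *       is needed before carrying real credentials.</li>
 *   <li>The caller owns the returned context and must {@code close()} it.</li>
 * </ul>
 *
 * @param ip       host name or address of the LDAP server
 * @param port     TCP port of the LDAP server
 * @param bindDn   distinguished name to bind as
 * @param password password for {@code bindDn}
 * @return the bound context, or {@code null} if the credentials are blank or the bind fails
 */
public DirContext createDirContext(String ip, int port, String bindDn, String password) {
    // JNDI downgrades a simple bind with an empty password to an anonymous bind, which a
    // server that allows anonymous access will accept. Treating that as "password correct"
    // would be an authentication bypass, so blank input is rejected before any network I/O.
    if (bindDn == null || bindDn.isEmpty() || password == null || password.isEmpty()) {
        return null;
    }

    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://" + ip + ":" + port);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, bindDn);
    env.put(Context.SECURITY_CREDENTIALS, password);

    DirContext ctx = null;
    try {
        ctx = new InitialDirContext(env);
    } catch (NamingException e) {
        // Covers both rejected credentials and connection problems; the caller only sees null.
        e.printStackTrace();
    }
    return ctx;
}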
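能否成功創建DirContext對象可以用來測試綁定用戶的密碼是否正確,可在進行ldap登錄測試時使用。但要注意兩點:第一,密碼為空字符串時,JNDI會把simple綁定自動降級為匿名綁定,只要服務器允許匿名訪問就會綁定成功,因此用作登錄校驗之前必須先拒絕空的DN和空密碼,否則任何人都能以空密碼「登錄」;第二,這裡使用的是ldap://明文連接,綁定DN和密碼會以明文在網絡上傳輸,正式環境應改用ldaps://或StartTLS。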
2,創建條目
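/**
 * Binds to the LDAP server as {@code bindDN} and creates a new entry at {@code itemDn}.
 *
 * <p>Each key of {@code attrValueMap} is an attribute name and its list holds that
 * attribute's values. The attributes required by the entry's objectClass must all be
 * present with non-empty values, otherwise the server rejects the add (error code 65).
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>The connection is plain {@code ldap://} with a simple bind, so the bind password is
 *       sent in cleartext.</li>
 *   <li>If {@code itemDn} is assembled from user input, escape each RDN value (for example
 *       with {@code javax.naming.ldap.Rdn.escapeValue}) before calling this method; the DN
 *       is passed to the server as given.</li>
 * </ul>
 *
 * @param ip           host name or address of the LDAP server
 * @param port         TCP port of the LDAP server
 * @param bindDN       distinguished name to bind as
 * @param password     password for {@code bindDN}
 * @param itemDn       distinguished name of the entry to create
 * @param attrValueMap attribute name to list of values for the new entry
 * @throws NamingException if the bind fails or the server rejects the new entry
 */
public void addItem(String ip, int port, String bindDN, String password, String itemDn,
        HashMap<String, ArrayList<String>> attrValueMap) throws NamingException {
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://" + ip + ":" + port);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, bindDN);
    env.put(Context.SECURITY_CREDENTIALS, password);

    DirContext ctx = null;
    try {
        ctx = new InitialDirContext(env);

        // true = attribute names are matched case-insensitively, as LDAP does.
        BasicAttributes entry = new BasicAttributes(true);
        for (String attr : attrValueMap.keySet()) {
            ArrayList<String> valueList = attrValueMap.get(attr);
            if (1 == valueList.size()) {
                entry.put(attr, valueList.get(0));
            } else {
                Attribute attribute = new BasicAttribute(attr);
                for (String value : valueList) {
                    attribute.add(value);
                }
                entry.put(attribute);
            }
        }
        ctx.createSubcontext(itemDn, entry);
    } finally {
        // ctx is still null when the bind itself failed; closing it unconditionally would
        // replace the real NamingException with a NullPointerException.
        if (ctx != null) {
            ctx.close();
        }
    }
}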
attrValueMap保存條目的所有屬性信息,添加條目的屬性要根據其對應的objectClass的必填屬性填寫,不能將必填屬性設為空值,否則添加時會拋出異常,錯誤代碼65。
3,修改條目
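/**
 * Binds to the LDAP server as {@code bindDN} and applies a batch of attribute
 * modifications to the entry at {@code itemDn}.
 *
 * <p>One {@link ModificationItem} is built per map value from its {@code getType()},
 * {@code getAttr()} and {@code getValue()}; the map keys are not sent to the server.
 * {@code ModificationItem} only accepts {@code DirContext.ADD_ATTRIBUTE},
 * {@code REPLACE_ATTRIBUTE} or {@code REMOVE_ATTRIBUTE} as the operation type.
 *
 * <p>Security notes for callers: the connection is plain {@code ldap://} with a simple
 * bind, so the bind password is sent in cleartext; and {@code itemDn} is passed to the
 * server as given, so RDN values taken from user input must be escaped beforehand.
 *
 * @param ip            host name or address of the LDAP server
 * @param port          TCP port of the LDAP server
 * @param bindDN        distinguished name to bind as
 * @param password      password for {@code bindDN}
 * @param itemDn        distinguished name of the entry to modify
 * @param modifyAttrMap the modifications to apply, one per map value
 * @throws NamingException if the bind fails or the server rejects the modification
 */
public void updateUser(String ip, int port, String bindDN, String password, String itemDn,
        HashMap<String, ModifyAttribute> modifyAttrMap) throws NamingException {
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://" + ip + ":" + port);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    // The parameter is spelled bindDN; the lower-case "bindDn" spelling does not exist here.
    env.put(Context.SECURITY_PRINCIPAL, bindDN);
    env.put(Context.SECURITY_CREDENTIALS, password);

    DirContext ctx = null;
    try {
        ctx = new InitialDirContext(env);

        ModificationItem[] modificationItems = new ModificationItem[modifyAttrMap.size()];
        int i = 0;
        for (ModifyAttribute ma : modifyAttrMap.values()) {
            modificationItems[i++] = new ModificationItem(ma.getType(),
                    new BasicAttribute(ma.getAttr(), ma.getValue()));
        }
        ctx.modifyAttributes(itemDn, modificationItems);
    } finally {
        // ctx is still null when the bind itself failed; closing it unconditionally would
        // replace the real NamingException with a NullPointerException.
        if (ctx != null) {
            ctx.close();
        }
    }
}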
4,刪除條目
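/**
 * Binds to the LDAP server as {@code bindDn} and deletes the entry at {@code itemDn}.
 *
 * <p>A {@code null} or empty {@code itemDn} is ignored and no connection is opened.
 *
 * <p>Security notes for callers: the connection is plain {@code ldap://} with a simple
 * bind, so the bind password is sent in cleartext; and {@code itemDn} is passed to the
 * server as given, so a DN derived from user input should be validated against the
 * expected subtree (and its RDN values escaped) before a destructive call like this one.
 *
 * @param ip       host name or address of the LDAP server
 * @param port     TCP port of the LDAP server
 * @param bindDn   distinguished name to bind as
 * @param password password for {@code bindDn}
 * @param itemDn   distinguished name of the entry to delete
 * @throws NamingException if the bind fails or the server rejects the delete
 */
public void deleteUser(String ip, int port, String bindDn, String password, String itemDn)
        throws NamingException {
    if (null == itemDn || itemDn.equals("")) {
        return;
    }

    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://" + ip + ":" + port);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, bindDn);
    env.put(Context.SECURITY_CREDENTIALS, password);

    DirContext ctx = null;
    try {
        ctx = new InitialDirContext(env);
        ctx.destroySubcontext(itemDn);
    } finally {
        // ctx is still null when the bind itself failed; closing it unconditionally would
        // replace the real NamingException with a NullPointerException.
        if (ctx != null) {
            ctx.close();
        }
    }
}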