<small id='25xFo'></small><noframes id='25xFo'>

  • <i id='25xFo'><tr id='25xFo'><dt id='25xFo'><q id='25xFo'><span id='25xFo'><b id='25xFo'><form id='25xFo'><ins id='25xFo'></ins><ul id='25xFo'></ul><sub id='25xFo'></sub></form><legend id='25xFo'></legend><bdo id='25xFo'><pre id='25xFo'><center id='25xFo'></center></pre></bdo></b><th id='25xFo'></th></span></q></dt></tr></i><div id='25xFo'><tfoot id='25xFo'></tfoot><dl id='25xFo'><fieldset id='25xFo'></fieldset></dl></div>
      <bdo id='25xFo'></bdo><ul id='25xFo'></ul>
    1. <legend id='25xFo'><style id='25xFo'><dir id='25xFo'><q id='25xFo'></q></dir></style></legend>
    2. <tfoot id='25xFo'></tfoot>

        如何对各个字段进行 LDAP 搜索

        How to do an LDAP Search of Various fields(如何对各个字段进行 LDAP 搜索)

        • <legend id='VHA8F'><style id='VHA8F'><dir id='VHA8F'><q id='VHA8F'></q></dir></style></legend>

            <tfoot id='VHA8F'></tfoot>
          1. <i id='VHA8F'><tr id='VHA8F'><dt id='VHA8F'><q id='VHA8F'><span id='VHA8F'><b id='VHA8F'><form id='VHA8F'><ins id='VHA8F'></ins><ul id='VHA8F'></ul><sub id='VHA8F'></sub></form><legend id='VHA8F'></legend><bdo id='VHA8F'><pre id='VHA8F'><center id='VHA8F'></center></pre></bdo></b><th id='VHA8F'></th></span></q></dt></tr></i><div id='VHA8F'><tfoot id='VHA8F'></tfoot><dl id='VHA8F'><fieldset id='VHA8F'></fieldset></dl></div>
              <bdo id='VHA8F'></bdo><ul id='VHA8F'></ul>
                <tbody id='VHA8F'></tbody>

              <small id='VHA8F'></small><noframes id='VHA8F'>

                • 本文介绍了如何对各个字段进行 LDAP 搜索的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  我需要在身份验证后从 LDAP 中检索各种值,例如 Description、Office 等.

                  I have a requirement of retrieving various values such as Description, Office, etc. from LDAP after authentication.

                  我已经能够完成身份验证,但我无法检索其他值.

                  I have been able to complete the authentication but i am not able to retrieve other values.

                  我应该使用什么名称来检索完整的数据??

                  what names should i use to retrieve the complete data??

                  请帮忙.

                  我的代码如下:

                      public boolean authenticate(String userid, String pass, String domain) {
                          boolean retval = false;
                          String searchFilter ="(&(objectClass=user)(" + LDAP_UID_ATTR + "=" + userid + "))";
                  
                  
                          try {
                              System.out.println("Start: getLDAPAttrs");
                              NamingEnumeration answer =
                                  getLDAPAttrs(userid, pass, searchFilter, domain);
                              String uid = "";
                  
                              while (answer.hasMoreElements()) {
                                  SearchResult sr = (SearchResult)answer.next();
                  
                                  Attributes attrs = sr.getAttributes();
                  
                                  try {
                                      uid = attrs.get(LDAP_UID_ATTR).toString();
                                      System.out.println("uid: " + uid);
                                      System.out.println(attrs.get("mail"));
                                      uid = uid.substring(uid.indexOf(':') + 2);
                                  } catch (Exception err) {
                  //                    uid = "";
                                      System.out.println(err.getMessage());
                                      err.printStackTrace();
                                  }
                  
                                  // verify userid
                                  if (userid.equalsIgnoreCase(uid)) {
                                      retval = true;
                  
                                      break;
                                  }
                              }
                          } catch (NamingException ne) {
                              System.out.println("In authenticateWithLDAP, LDAP Authentication NamingException : " +
                                                 ne.getMessage());
                          } catch (Exception ex) {
                              System.out.println("In authenticateWithLDAP, LDAP Authentication Exception : " +
                                                 ex.getMessage());
                          }
                  
                          return retval;
                          //        return retval;
                      }
                  
                      private NamingEnumeration getLDAPAttrs(String userid, String pass,
                                                             String searchFilter,
                                                             String domain) throws NamingException,
                                                                                   Exception {
                          String host = getServerName();
                          String port = getIP_Port();
                          String dcPart1 = getDcPart1();
                          String dcPart2 = getDcPart2();
                  //        String attrUserID = getLDAP_UID_ATTR();
                  //        String attrUserName = getLDAP_UNAME_ATTR();
                  
                          // set attribute names to obtain value of
                          String[] returnedAtts = { "sAMAccountName", "cn","mail" };
                          SearchControls searchCtls = new SearchControls();
                          searchCtls.setReturningAttributes(returnedAtts);
                  
                          // specify the search scope
                          searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                  
                          // set search base
                          String searchBase = "DC=" + dcPart1 + ",DC=" + dcPart2;
                  
                          // set ldap env values
                          Hashtable environment = new Hashtable();
                          environment.put(Context.INITIAL_CONTEXT_FACTORY,
                                          "com.sun.jndi.ldap.LdapCtxFactory");
                          environment.put(Context.PROVIDER_URL, "ldap://" + host + ":" + port);
                          environment.put(Context.SECURITY_AUTHENTICATION, "simple");
                          environment.put(Context.SECURITY_PRINCIPAL, userid + "@" + domain);
                          environment.put(Context.SECURITY_CREDENTIALS, pass);
                  
                          // set ldap context
                          DirContext ctxGC = new InitialDirContext(environment);
                  
                          // perform search to obtain values
                          NamingEnumeration answer =
                              ctxGC.search(searchBase, searchFilter, searchCtls);
                          return answer;
                      }
                  

                  推荐答案

                  LDAP 客户端通过向服务器发送搜索请求然后读取服务器的响应来检索属性值(在问题中称为字段").搜索请求至少包含以下组件:

                  An LDAP client retrieves attribute values (referred to as "fields" in the question) by transmitting a search request to the server and then reading the server's response. A search request consists of at a minimum the following components:

                  • 基本 DN - 开始搜索的对象.不返回高于基本 DN 的对象
                  • scope - 搜索的范围;这是 baseonesubtree
                  • filter - 限制服务器返回的条目的过滤器

                  此外,请求的属性列表可以与搜索请求一起传输.如果未提供请求的属性列表,许多 LDAP SDK 将仅返回所有用户属性而不返回操作属性.在这种情况下,请求属性 descriptionoffice 以及任何其他所需的属性.

                  Additionally, a list of requested attributes can be transmitted with the search request. Many LDAP SDKs will simply return all user attributes and no operational attributes if no requested attributes list is provided. In this case, request the attributes description and office and any others that are required.

                  符合 LDAP 的服务器强制执行访问控制方案,这可能会导致服务器不返回某些属性.请咨询 LDAP 管理员以确定 LDAP 客户端连接的身份验证状态是否有权访问所需的属性.

                  LDAP-compliant servers enforce an access control scheme which might cause the server to not return certain attributes. Consult with the LDAP administrators to determine if the authentication state of the LDAP client connections have permission to access the attributes desired.

                  • LDAP:使用 ldapsearch:本文参考 ldapsearch 命令行工具,但概念与编程访问相同.
                  • LDAP: Using ldapsearch: this article refers to the ldapsearch command line tool, but the concepts are the same as for programmatic access.

                  这篇关于如何对各个字段进行 LDAP 搜索的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

                  相关文档推荐

                  Slf4j LoggerFactory.getLogger and sonarqube(Slf4j LoggerFactory.getLogger 和 sonarqube)
                  Security - Array is stored directly(安全性 - 数组直接存储)
                  SonarQube quot;Class Not Foundquot; during Main AST Scan(SonarQube“找不到类在主 AST 扫描期间)
                  Integrate Spock#39;s test with Sonar(将 Spock 的测试与声纳集成)
                  How do I make Hudson/Jenkins fail if Sonar thresholds are breached?(如果违反声纳阈值,我如何让 Hudson/Jenkins 失败?)
                  automatically add curly brackets to all if/else/for/while etc. in a java code-base(自动将大括号添加到 java 代码库中的所有 if/else/for/while 等)
                    <tfoot id='lnXAy'></tfoot>
                    <i id='lnXAy'><tr id='lnXAy'><dt id='lnXAy'><q id='lnXAy'><span id='lnXAy'><b id='lnXAy'><form id='lnXAy'><ins id='lnXAy'></ins><ul id='lnXAy'></ul><sub id='lnXAy'></sub></form><legend id='lnXAy'></legend><bdo id='lnXAy'><pre id='lnXAy'><center id='lnXAy'></center></pre></bdo></b><th id='lnXAy'></th></span></q></dt></tr></i><div id='lnXAy'><tfoot id='lnXAy'></tfoot><dl id='lnXAy'><fieldset id='lnXAy'></fieldset></dl></div>
                      <tbody id='lnXAy'></tbody>
                  1. <small id='lnXAy'></small><noframes id='lnXAy'>

                        • <bdo id='lnXAy'></bdo><ul id='lnXAy'></ul>

                            <legend id='lnXAy'><style id='lnXAy'><dir id='lnXAy'><q id='lnXAy'></q></dir></style></legend>