Authentication of LDAP

Source: Internet
Author: User
Tags ldap

Recently, many basic operations have been introduced to all aspects of ldap in ldap development projects, including addition, deletion, modification, query, configuration, and connection pool, anyone who uses spring should be able to make it easy. In fact, spring-ldap provides a good description. Next, let's talk about the authentication problem. I just finished it today.

You can see that there is a related authentication method in Chapter 10th in the documentation on the official website, but there is a problem. If you do not configure things according to the document, he can pass the authentication, if you configure things according to the document and then call verification, the system will report an exception saying that you cannot find ContextSource. This is because in Chapter 6th, it changed the connection id with the server to contextSourceTarget.

However, in LDAP, contextSource is not just an id. Because in the LDAP world, it has an interface called ontextSource, which is used for verification, you can use it when you do not configure things..

In the next two sections of code, things are set together with jpa:


<Bean id = "contextSource" class = "org. springframework. ldap. core. support. ldapContextSource "> <property name =" url "value =" ldap: // 127.0.0.1: 389 "/> <property name =" userDn "value =" cn = Directory Manager "/> <property name =" password "value =" ****** "/> </bean> <bean id = "contextSourceTarget" class = "org. springframework. ldap. transaction. compensating. manager. transactionAwareContextSourceProxy "> <constructor-arg Ref = "contextSource"/> </bean> <bean id = "ldapTemplateAuthention" class = "org. springframework. ldap. core. ldapTemplate "> <constructor-arg ref =" contextSource "/> </bean> <bean id =" ldapTemplate "class =" org. springframework. ldap. core. ldapTemplate "> <constructor-arg ref =" contextSourceTarget "/> </bean> <bean id =" transactionManager "class =" com. smarcloud. control. util. contextSourceAndJpaTransactionManager "> <pro Perty name = "contextSource" ref = "contextSourceTarget"/> <property name = "entityManagerFactory" ref = "entityManagerFactory"/> <! -- This is jpa --> </bean> <tx: annotation-driven transaction-manager = "transactionManager"/>

Then, you can make sure that your authentication method is available and there are still things.

The main reason why two ldaptemplates are required is that the class = "org. springframework. ldap. transaction. compensating. manager. transactionAwareContextSourceProxy "the proxy here in spring does not support the contextSource verification source code. It is very difficult to complete), so write a separate" ldapTemplateAuthention "for separate verification, "ldapTemplate" is used for normal business and transactions.

The following is the authentication method, which is listed on the official website at 0.0:


public boolean authentication(String uid){    CollectingAuthenticationErrorCallback errorCallback = new CollectingAuthenticationErrorCallback();     String filter = "(&(objectclass=inetOrgPerson)(uid=" + uid + "))";    boolean result = ldapTemplateAuthention.authenticate("", filter.toString(), "123456", errorCallback);    if (!result) {      Exception error = errorCallback.getError();      // error is likely of type org.springframework.ldap.AuthenticationException      error.printStackTrace();}    return result;}

OK. If the authentication succeeds, "true" means "false", an exception is returned.

This article from the "Write down on the right" blog, please be sure to keep this source http://jueshizhanhun.blog.51cto.com/4372226/1272001

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.