
Untitled

a guest
May 20th, 2016
  /** LDAP context looked up by the container under the resource name {@code ldap/users}. */
  @Resource(name = "ldap/users")
  private LdapContext ctx;
  3.  
  // Hand-built JNDI environment for an LDAP "simple" (DN + password) bind.
  // NOTE(review): over a plain ldap:// URL a simple bind carries the DN and the password
  // unencrypted; outside a local test setup use ldaps:// or StartTLS.
  // NOTE(review): the principal and password are literal sample values; real credentials
  // belong in protected configuration, not in source.
  Hashtable<String, Object> bindEnv = new Hashtable<>();
  bindEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
  bindEnv.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial");

  bindEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
  bindEnv.put(Context.SECURITY_PRINCIPAL, "cn=S. User, ou=NewHires, o=JNDITutorial");
  bindEnv.put(Context.SECURITY_CREDENTIALS, "mysecret");

  // The context is created from the environment above; a NamingException signals failure.
  DirContext ctx = new InitialDirContext(bindEnv);
  13.  
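  /** LDAP context looked up by the container under the resource name {@code ldap/users}. */
  @Resource(name = "ldap/users")
  private LdapContext ldapContext;

  // With a simple bind, many directory servers accept an empty password as an
  // unauthenticated bind that succeeds, so it must never count as a login.
  // Assumes userPassword is a String (its declaration is not part of this listing).
  if (userPassword == null || userPassword.isEmpty()) {
    throw new javax.naming.AuthenticationException("empty password");
  }

  // Work on a copy so the injected context's own environment is left untouched.
  // getEnvironment() returns Hashtable<?, ?> and clone() returns Object, so the original
  // un-cast assignment does not compile; the copy constructor avoids the cast.
  Hashtable<Object, Object> environment = new Hashtable<>(ldapContext.getEnvironment());
  environment.put(Context.SECURITY_PRINCIPAL, userDN);
  environment.put(Context.SECURITY_CREDENTIALS, userPassword);

  // Provider URL and authentication mechanism are inherited from the copied environment.
  // NOTE(review): if that URL is plain ldap://, the user's password crosses the network
  // unencrypted; confirm the resource uses ldaps:// or StartTLS.
  // Close dirContext once the check is done; it is not closed in this listing.
  DirContext dirContext = new InitialDirContext(environment);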
  22.  
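  /**
   * Authenticates a user against LDAP with the search-then-bind pattern: bind as a service
   * account, look up the user's entry by an identifying attribute, then bind again as that
   * entry's DN with the user's password.
   *
   * <p>All connection data and credentials are literal sample values in this listing; real
   * ones belong in protected configuration. The URL is plain {@code ldap://}, so both simple
   * binds carry their passwords unencrypted unless the transport is secured (ldaps:// or
   * StartTLS).
   *
   * @return {@code true} if the entry was found and the bind with the user's password
   *     succeeded; {@code false} on any failure
   */
  public static boolean performAuthentication() {

    // service user
    String serviceUserDN = "cn=Mister Service,ou=Users,dc=example,dc=com";
    String serviceUserPassword = "abc123#!$";

    // user to authenticate
    String identifyingAttribute = "uid";
    String identifier = "maxdev";
    String password = "jkl987.,-";
    String base = "ou=Users,dc=example,dc=com";

    // LDAP connection info
    String ldap = "localhost";
    int port = 10389;
    String ldapUrl = "ldap://" + ldap + ":" + port;

    // Many directory servers treat a simple bind with an empty password as an unauthenticated
    // bind that succeeds; without this guard an empty password would be reported as a login.
    if (password == null || password.isEmpty()) {
      System.err.println("Authentication failed");
      return false;
    }

    DirContext serviceCtx = null;
    DirContext userCtx = null;
    NamingEnumeration<SearchResult> results = null;
    try {
      // use the service user to authenticate
      Properties serviceEnv = new Properties();
      serviceEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
      serviceEnv.put(Context.PROVIDER_URL, ldapUrl);
      serviceEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
      serviceEnv.put(Context.SECURITY_PRINCIPAL, serviceUserDN);
      serviceEnv.put(Context.SECURITY_CREDENTIALS, serviceUserPassword);
      serviceCtx = new InitialDirContext(serviceEnv);

      // we don't need all attributes, just let it get the identifying one
      String[] attributeFilter = { identifyingAttribute };
      SearchControls sc = new SearchControls();
      sc.setReturningAttributes(attributeFilter);
      sc.setSearchScope(SearchControls.SUBTREE_SCOPE);

      // The identifier is passed as a filter argument, not concatenated: JNDI escapes
      // filter metacharacters in {0}, so the value cannot change the filter's structure.
      String searchFilter = "(" + identifyingAttribute + "={0})";
      results = serviceCtx.search(base, searchFilter, new Object[] { identifier }, sc);

      if (results.hasMore()) {
        // get the user's DN (distinguishedName) from the first result
        // NOTE(review): further matches are ignored; confirm the attribute is unique under base.
        SearchResult result = results.next();
        String distinguishedName = result.getNameInNamespace();

        // attempt another authentication, now with the user
        Properties authEnv = new Properties();
        authEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        authEnv.put(Context.PROVIDER_URL, ldapUrl);
        // Stated explicitly so the mechanism does not depend on a provider default.
        authEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
        authEnv.put(Context.SECURITY_PRINCIPAL, distinguishedName);
        authEnv.put(Context.SECURITY_CREDENTIALS, password);
        // Kept in a variable so the connection is closed in finally instead of leaking.
        userCtx = new InitialDirContext(authEnv);

        System.out.println("Authentication successful");
        return true;
      }
    } catch (Exception e) {
      // Any failure (bad credentials, server unreachable, ...) means "not authenticated".
      e.printStackTrace();
    } finally {
      closeQuietly(results);
      closeQuietly(userCtx);
      closeQuietly(serviceCtx);
    }
    System.err.println("Authentication failed");
    return false;
  }

  /** Closes a directory context if it was opened, reporting but not propagating errors. */
  private static void closeQuietly(DirContext context) {
    if (context != null) {
      try {
        context.close();
      } catch (NamingException e) {
        e.printStackTrace();
      }
    }
  }

  /** Closes a search result enumeration if present, reporting but not propagating errors. */
  private static void closeQuietly(NamingEnumeration<?> enumeration) {
    if (enumeration != null) {
      try {
        enumeration.close();
      } catch (NamingException e) {
        e.printStackTrace();
      }
    }
  }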
  92.  
  93. package com.agileinfotech.bsviewer.servlet;
  94.  
  95. import java.io.IOException;
  96. import javax.servlet.RequestDispatcher;
  97. import javax.servlet.ServletException;
  98. import javax.servlet.http.HttpServletRequest;
  99. import javax.servlet.http.HttpServletResponse;
  100. import javax.naming.*;
  101. import javax.naming.directory.*;
  102. import java.util.Hashtable;
  103.  
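  /**
   * Login servlet that checks the submitted {@code username} and {@code password} request
   * parameters by attempting an LDAP simple bind as {@code uid=<username>,ou=system}, then
   * forwards to a success or failure page.
   *
   * <p>The directory URL is plain {@code ldap://}, so the bind carries the password
   * unencrypted unless the transport is secured (ldaps:// or StartTLS).
   */
  public class Login extends javax.servlet.http.HttpServlet implements javax.servlet.Servlet {

    public Login() {
      super();
    }

    /**
     * Authenticates the request's credentials and forwards to the matching page.
     *
     * @param request carries the {@code username} and {@code password} parameters
     * @param response passed through to the forwarded resource
     * @throws ServletException if the forward fails
     * @throws IOException if the forward fails
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

      // NOTE(review): "loin.jsp" looks like a typo for "login.jsp"; left as written, confirm
      // the intended target.
      final String SUCCESS = "loin.jsp";
      final String FAILURE = "Failure.html";
      String username = request.getParameter("username");
      String password = request.getParameter("password");

      String strUrl;
      if (bindSucceeds(username, password)) {
        System.out.print("Success");
        strUrl = SUCCESS;
      } else {
        System.out.print("Failure");
        strUrl = FAILURE;
      }
      RequestDispatcher rd = request.getRequestDispatcher(strUrl);
      rd.forward(request, response);

    }

    /**
     * Attempts a simple bind with the given credentials.
     *
     * @param username value for the {@code uid} RDN; comes straight from the request
     * @param password password to bind with; comes straight from the request
     * @return {@code true} only if both values are non-empty and the bind succeeded
     */
    private static boolean bindSucceeds(String username, String password) {
      // A missing parameter is null, and Hashtable.put rejects null values with a
      // NullPointerException. An empty password is worse: many directory servers accept it
      // as an unauthenticated bind that succeeds, which would log in any user name.
      if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
        return false;
      }

      Hashtable<String, Object> env = new Hashtable<>(11);
      env.put(Context.INITIAL_CONTEXT_FACTORY,
          "com.sun.jndi.ldap.LdapCtxFactory");
      env.put(Context.PROVIDER_URL, "ldap://localhost:10389");
      env.put(Context.SECURITY_AUTHENTICATION, "simple");
      // Escape DN metacharacters so the user-supplied name stays a single RDN value and
      // cannot redirect the bind to a different entry.
      env.put(Context.SECURITY_PRINCIPAL,
          "uid=" + javax.naming.ldap.Rdn.escapeValue(username) + ",ou=system");
      env.put(Context.SECURITY_CREDENTIALS, password);

      DirContext ctx = null;
      try {
        // Create initial context
        ctx = new InitialDirContext(env);
        return true;
      } catch (NamingException e) {
        return false;
      } finally {
        // Close the context when we're done. A failure while closing no longer turns a
        // successful bind into a failed login.
        if (ctx != null) {
          try {
            ctx.close();
          } catch (NamingException ignored) {
            // the bind result is already decided; nothing useful to do here
          }
        }
      }
    }

    /**
     * Handles GET exactly like POST.
     *
     * <p>NOTE(review): credentials sent by GET sit in the query string, which can end up in
     * logs and browser history; confirm whether GET needs to be accepted for login at all.
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
      processRequest(request,response);
    }

    /** Handles a login form submission. */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
      processRequest(request,response);
    }
  }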