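  /*
   * First create the keystore (to allow SSL protection) by importing the LDAP
   * certificate (cert.pem) with:
   * keytool -import -keystore keystore -storepass changeit -noprompt -file cert.pem
   *
   * You can get the certificate with OpenSSL:
   * openssl s_client -connect ldap.server.com:636 </dev/null 2>/dev/null | sed -n '/^-----BEGIN/,/^-----END/ { p }' > cert.pem
   *
   * A certificate fetched this way is only as trustworthy as the connection it
   * came over, and -noprompt imports it without displaying it. Compare its
   * fingerprint (keytool -printcert -file cert.pem) with one obtained from the
   * LDAP administrator before importing it.
   *
   * Then compile this class with:
   * javac LdapAuth.java
   *
   * Finally execute it with:
   * java -Djavax.net.ssl.trustStore=keystore -Djavax.net.ssl.keyStorePassword=changeit LdapAuth <username> <password>
   *
   * Note: the password property that pairs with javax.net.ssl.trustStore is
   * javax.net.ssl.trustStorePassword; keyStorePassword applies to
   * javax.net.ssl.keyStore. The <password> argument is visible in the process
   * list to other local users while the program runs.
   */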
  15.  
  16. import java.util.*;
  17. import javax.naming.*;
  18. import java.util.regex.*;
  19. import javax.naming.directory.*;
  20.  
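  /**
   * Command-line check of a username/password pair against an LDAP directory.
   *
   * <p>The user's entry is looked up by {@code uid} over an anonymous connection,
   * then a simple bind is attempted with the entry's DN and the supplied password.
   * The process exit status is 0 on a successful bind and 1 otherwise.
   */
  public class LdapAuth {
      /** LDAPS URL of the directory, including the base DN that searches are relative to. */
      private final static String ldapURI = "ldaps://ldap.server.com/dc=ldap,dc=server,dc=com";
      /** JNDI initial-context factory used for every connection. */
      private final static String contextFactory = "com.sun.jndi.ldap.LdapCtxFactory";

      /**
       * Opens a context with no credentials set in the environment.
       *
       * @return an open context; the caller is responsible for closing it
       * @throws Exception if the context cannot be created
       */
      private static DirContext ldapContext () throws Exception {
          Hashtable<String,String> env = new Hashtable<String,String>();
          return ldapContext(env);
      }

      /**
       * Opens a context using {@code env}, after adding the factory and provider URL to it.
       *
       * @param env JNDI environment; it is modified in place
       * @return an open context; the caller is responsible for closing it
       * @throws Exception if the context cannot be created, including a rejected bind
       */
      private static DirContext ldapContext (Hashtable<String,String> env) throws Exception {
          env.put(Context.INITIAL_CONTEXT_FACTORY, contextFactory);
          env.put(Context.PROVIDER_URL, ldapURI);
          return new InitialDirContext(env);
      }

      /**
       * Looks up the distinguished name of the entry whose {@code uid} equals {@code user}.
       *
       * @param user the user name as typed by the caller; treated as untrusted input
       * @return the full DN of the first matching entry, or {@code null} if none matches
       * @throws Exception if the connection or the search fails
       */
      private static String getUid (String user) throws Exception {
          DirContext ctx = ldapContext();
          try {
              SearchControls ctrl = new SearchControls();
              ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE);

              // The user name is passed as a filter argument rather than concatenated
              // into the filter string, so characters such as '*', '(' and ')' are
              // escaped by JNDI and cannot change the structure of the filter.
              NamingEnumeration<SearchResult> answer =
                  ctx.search("", "(uid={0})", new Object[] { user }, ctrl);
              try {
                  // Only the first match is used; any further matches are ignored.
                  if (answer.hasMore()) {
                      return answer.next().getNameInNamespace();
                  }
                  return null;
              }
              finally {
                  answer.close();
              }
          }
          finally {
              // Release the connection even when the search throws.
              ctx.close();
          }
      }

      /**
       * Attempts a simple bind as {@code dn} with {@code password}.
       *
       * @param dn       distinguished name to bind as
       * @param password the candidate password
       * @return {@code true} if the server accepted the bind; {@code false} if it rejected
       *         the credentials or if either argument is null or empty
       * @throws Exception for failures other than rejected credentials
       */
      private static boolean testBind (String dn, String password) throws Exception {
          // A simple bind with a DN and an empty password is an "unauthenticated bind"
          // (RFC 4513), which a server may accept without checking any credential.
          // Treat it as a failed login instead of sending it.
          if (dn == null || dn.isEmpty() || password == null || password.isEmpty()) {
              return false;
          }

          Hashtable<String,String> env = new Hashtable<String,String>();
          env.put(Context.SECURITY_AUTHENTICATION, "simple");
          env.put(Context.SECURITY_PRINCIPAL, dn);
          env.put(Context.SECURITY_CREDENTIALS, password);

          DirContext bound;
          try {
              bound = ldapContext(env);
          }
          catch (javax.naming.AuthenticationException e) {
              return false;
          }
          // The bind result is all that is needed; do not leave the connection open.
          bound.close();
          return true;
      }

      /**
       * Entry point: {@code LdapAuth <username> <password>}.
       *
       * @param args exactly two elements, the user name and the password
       * @throws Exception if the directory cannot be reached or queried
       */
      public static void main(String args[]) throws Exception {
          if (args.length != 2) {
              System.out.println( "missing requried username and password" );
              System.exit(1);
          }

          // NOTE(review): a password passed as a program argument can be read from the
          // process list by other local users; reading it from the console or stdin
          // would avoid that, but would change how the tool is invoked.
          String user = args[0];
          String password = args[1];
          String dn = getUid( user );

          // NOTE(review): "not found" and "authentication failed" are reported
          // separately, which tells the caller whether a user name exists.
          if (dn == null) {
              System.out.println( "user '" + user + "' not found" );
              System.exit(1);
          }

          /* Found user - test password */
          if ( testBind( dn, password ) ) {
              System.out.println( "user '" + user + "' authentication succeeded" );
              System.exit(0);
          }
          else {
              System.out.println( "user '" + user + "' authentication failed" );
              System.exit(1);
          }
      }
  }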