LDAP的英文全称是Lightweight Directory Access Protocol,一般都简称为LDAP。它是基于X.500标准的,但是简单多了并且可以根据需要定制。与X.500不同,LDAP支持TCP/IP,这对访问Internet是必须的。LDAP的核心规范在RFC中都有定义,所有与LDAP相关的RFC都可以在LDAPman RFC网页中找到。现在LDAP技术不仅发展得很快而且也是激动人心的。在企业范围内实现LDAP可以让运行在几乎所有计算机平台上的所有的应用程序从 LDAP目录中获取信息。LDAP目录中可以存储各种类型的数据:电子邮件地址、邮件路由信息、人力资源数据、公用密匙、联系人列表,等等。通过把 LDAP目录作为系统集成中的一个重要环节,可以简化员工在企业内部查询信息的步骤,甚至连主要的数据源都可以放在任何地方。
以下是对ldap中进行连接,人员的增删改查的过程。希望对初学者有一定的帮助。
package net.risesoft.ldap;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
public class LdapTest {
public static void main(String[] args) {
String account = "admin";
String password = "1";
String root = "o=com"; // root
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:389/" + root);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
env.put(Context.SECURITY_CREDENTIALS, password);
DirContext ctx = null;
try {
// 链接ldap
ctx = new InitialDirContext(env);
System.out.println("ldap认证成功");
// 3.添加节点
String newUserName = "user2";
BasicAttributes attrsbu = new BasicAttributes();
BasicAttribute objclassSet = new BasicAttribute("objectclass");
objclassSet.add("person");
objclassSet.add("top");
objclassSet.add("organizationalPerson");
objclassSet.add("inetOrgPerson");
attrsbu.put(objclassSet);
attrsbu.put("sn", newUserName);
attrsbu.put("uid", newUserName);
ctx.createSubcontext("cn=" + newUserName, attrsbu);
// 5.修改节点
account = "user2";
String newDisplayName = "newDisplayName";
ModificationItem modificationItem[] = new ModificationItem[1];
modificationItem[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("displayName", newDisplayName));
ctx.modifyAttributes("cn=" + account, modificationItem);
// 查询节点
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
// constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
NamingEnumeration en = ctx.search("", "cn=user2", constraints); // 查询所有用户
while (en != null && en.hasMoreElements()) {
Object obj = en.nextElement();
if (obj instanceof SearchResult) {
SearchResult si = (SearchResult) obj;
System.out.println("name: " + si.getName());
Attributes attrs = si.getAttributes();
if (attrs == null) {
System.out.println("No attributes");
} else {
for (NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) {
Attribute attr = (Attribute) ae.next();
String attrId = attr.getID();
for (Enumeration vals = attr.getAll(); vals.hasMoreElements();) {
System.out.print(attrId + ": ");
Object o = vals.nextElement();
if (o instanceof byte[])
System.out.println();// new
// String((byte[])o)
else
System.out.println(o);
}
}
}
} else {
System.out.println(obj);
}
System.out.println();
}
// 4.删除节点
account = "user2";
ctx.destroySubcontext("cn=" + account);
} catch (javax.naming.AuthenticationException e) {
System.out.println("认证失败");
} catch (Exception e) {
System.out.println("认证出错:");
e.printStackTrace();
}
if (ctx != null) {
try {
ctx.close();
} catch (NamingException e) {
// ignore
}
}
System.exit(0);
}
}
posted on 2007-05-31 14:25
安文豪 阅读(6959)
评论(4) 编辑 收藏